Skip to content
- Offline analysis of tcpdump (libpcap) and Pcap NG files
- Multiple files can be opened and operated as one
- Runs on Windows
- Packet filtering
- Detailed inspection of several protocols
- Supported linktypes are Ethernet, IEEE 802.11 and IPv4/6
- Live capture supporting WinPcap/Npcap drivers
- Visualized connections in matrix
- Visualized IP connections in a World map
- Visualized packets on a timeline with drag & drop zoom
- Passive OS fingerprinting using databases from Satori
- Packet Playback
- Resolves physical, network and transport addresses (uses captured DNS data for address resolution)
- Resolves IP addresses using system DNS servers. Disabled by default
- Extracts host/domain names from DHCP packets. Extracts NetBIOS names from NBNS/NBDS packets
- Geo IPv4 and IPv6 integrated
- Simple packet data hex/text edit
- Packet data hex/text search
- Diagnostic tools with Geo locations: Traceroute, Ping, DNS Lookup
- Other tools: Whois lookup, Subnet Calculator
- Endpoint overview table with filters and exportable as CSV
- Many customizable settings to setup application as you prefer. Automatically stored
- Option to manage and launch external programs from within Nethor
- MAC address Information: Age, organization and address
- I/O graph
- Top 5-20 chart with several categories
- All modules/views supports packet filters and live packets capture
- Supports Japanese
