From aldeid
Jump to: navigation, search


What is Netifera?

Netifera is a network scanner capable of passive scanning (scan of a pcap file, live network sniffing) as well as active scanning (entity port scan). It enables to identify hosts on the network.

Architecture in a nutshell


Here is the way objects are organized within Netifera:

  • A workspace is the global container.
  • This latest is divided into spaces to enable the isolation of netblocks.
  • Each space contains entities (hosts, hardware, ...) detected by the sniffer


Installation of Netifera

$ cd /data/src/
$ wget
$ unzip
$ mkdir -p /pentest/scanners/
$ mv netifera /pentest/scanners/

Installation of the backdoor

For Netifera to be able to sniff, you need to install the backdoor. To install it, run:

$ cd /pentest/scanners/netifera/
$ sudo ./

To be able to sniff, you usually need root privileges. This backdoor has been developed to enable sniffing without starting Netifera as root.



Start netifera

$ cd /pentest/scanners/netifera/
$ ./netifera



  • File
    • New Space: Create a new space (add a tab in the existing workspace)
    • Open Space: Load list of existing spaces
    • Open WorkSpace: Popup a window with the list of existing workspaces
    • New Workspace: Popup a window with a form enabling to name the workspace to create
    • Exit: Quit the application
  • Window
    • Preferences: Open preferences window (terminal buffer lines, serial timeout, network timeout)
    • Open View
      • Tasks: Load the Tasks view
      • Other: Popup a window with list of views
    • Open Perspective: Popup a window with the list of existing perspectives (default: Sniffing, Tools)
      • Other: Popup a window with the list of existing perspectives
    • Show Perspective: Same as open perspectives
    • Reset Perspective: Resets perspectives to default
    • Close Perspective: Close currently active perspective
    • Close All Perspectives: Close all opened perspectives
    • Show View Menu
  • Help
    • About: Show splash screen with installed version


Tools toolbar (top left)

This toolbar is shown when the Tools perspective is loaded.


The top left toolbar enables to:

  • Add a new space
  • Open an existing workspace
  • Create a new workspace
  • Manually add new entities to a space, using the input field. The input bar understands inputs in the following formats:
  • IP address: e.g.
  • Netblock in CIDR notation:
  • HTTP URLs:
  • Email address: [email protected]
  • Domain:

Sniffing toolbar (top left)


This toolbar is shown when the Sniffing perspective is loaded.

Icons on this toolbar enable to:

  • Create a new space
  • Open an existing workspace
  • Create a new workspace
  • Stop a live capture
  • Start a live capture
  • Configure sniffing service
  • Open a packet capture file (*.pcap file)
Netifera capture options

Options available in the sniffer configuration:

  • Network interfaces: Select the interfaces to use for the capture
  • Sniffing modules:
    • DNS Sniffer
    • Passive OS fingerprinting
    • HTTP Sniffer
    • ARP Information Gathering
    • Passive Service Detector

Perspective toolbar (top right)


This toolbar enables to switch between perspectives. Two default perspectives are loaded:

  • Tools
  • Sniffing

Other tools (bottom left)


The icons in this toolbars are:

  • Fast view: enable to change current view
  • Console: display log/debugging window
  • Probe list: display list of probes
  • Space list: display list of spaces

Memory (bottom right)


Netifera is developed in Java and is launched with a limited amount of memory. This indicator shows live memory usage. To reset the memory stack, click on the trash icon.


Netifera - Space

This shows the spaces that have been created (tabs). On each space, the list of entities is displayed.

By moving the mouse over an entity, a menu is displayed:

  • Reverse DNS Lookup
  • Discover TCP Services
  • Discover UDP Services
  • Create netblock */16
  • Create netblock */24

This menu also contains icons to:

  • Scan common TCP/UDP ports
  • Add a tag
  • Remove the entity from the space
Notice that tags are used to group entities. If many entities have the same tag, they will be grouped in the same folder.


Netifera - Tasks

By clicking on options from the entity menu, it executes tasks.

For each task, there is a progress bar as well as a task output in this view.