What is Ngrep?
ngrep (short for 'Network Grep') is a command-line network packet analyzer that relies on the pcap library and the GNU regex library. It is similar to tcpdump, but it goes further: it matches a regular expression against the payload of each packet and displays the matching packets on the screen or console. The end result is that the user (typically a penetration tester or network security engineer) will see all unencrypted traffic being passed over the network. The network interface needs to be put into promiscuous mode for this to work.

Is Ngrep Free?
Ngrep is free to download and use.

Does Ngrep Work on all Operating Systems?
It works on Linux, Windows and Mac OS X.

What are the Typical Uses for Ngrep?
Ngrep is used to store traffic from the wire in pcap dump files and to read files generated by tools like tcpdump or Wireshark.
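
The following is an added example, not ngrep's own code: a small Python sketch of the same idea, reading a classic pcap file and matching a regular expression against each TCP payload, which is how an auditor would spot services still sending data in cleartext. It uses Python's `re` module rather than GNU regex; the function names `build_pcap` and `pcap_grep`, the addresses and the sample payloads are all constructed for illustration.

```python
import re
import struct

# Constructed sample payloads (not real traffic): two cleartext HTTP requests, one opaque blob.
SAMPLE = [
    b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    b"POST /login HTTP/1.1\r\nHost: example.test\r\n\r\nuser=alice&password=example",
    b"\x16\x03\x01\x00\x05\x8f\x02\xaa\x10\x07",
]

def build_pcap(payloads):
    """Wrap each payload in Ethernet/IPv4/TCP and return classic pcap bytes."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for n, data in enumerate(payloads):
        eth = b"\x00" * 12 + b"\x08\x00"  # zeroed MACs, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), n, 0, 64, 6, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
        tcp = struct.pack("!HHIIBBHHH", 40000 + n, 80, 0, 0, 0x50, 0x18, 1024, 0, 0)
        frame = eth + ip + tcp + data
        out += struct.pack("<IIII", n, 0, len(frame), len(frame)) + frame
    return out

def pcap_grep(pcap, pattern):
    """Return (src, dst, payload) for every IPv4/TCP payload that matches pattern."""
    if len(pcap) < 24 or struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected a little-endian classic pcap file")
    if struct.unpack_from("<I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    rx, hits, off = re.compile(pattern), [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # skip anything that is not IPv4 carrying TCP
        tcp = 14 + (frame[14] & 0x0F) * 4  # IP header length comes from the IHL field
        if len(frame) < tcp + 20:
            continue  # truncated TCP header
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:]  # skip TCP header and options
        if payload and rx.search(payload):
            sport, dport = struct.unpack_from("!HH", frame, tcp)
            src = "%s:%d" % (".".join(map(str, frame[26:30])), sport)
            dst = "%s:%d" % (".".join(map(str, frame[30:34])), dport)
            hits.append((src, dst, payload))
    return hits

if __name__ == "__main__":
    for src, dst, payload in pcap_grep(build_pcap(SAMPLE), rb"password="):
        print(src, "->", dst, payload)
```

Matching is done per packet with no TCP stream reassembly, so a string split across two segments is not found.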