Net.Hunter: Handheld Packet Capture Appliance for Security/Forensics

Net.Hunter is a handy Handheld Packet Capture device ideal for many applications including those within the Security and Forensic sector.

In the past, testing was restricted to high end and costly rack mounted devices based in laboratories. Nowadays, mobility is vital and Net.Hunter offers the flexibility for both field and laboratory testing in a simple to use, compact handheld solution with built-in screen, keyboard and batteries. Net.Hunter is a capturing/recording tool that offers you EXACTLY the same performance as high end rack mounted appliances and, in some cases, even better. Net.Hunter is capable of analysing absolutely ALL packets in a GbE full duplex line because all features are implemented by hardware (FPGA). Consequently, the aggregated throughput is at the FULL 2Gbit/s and, interestingly, Net.Hunter includes an embedded TAP that captures those packets that are compliant with a trigger condition, or with any of the 15+15 programmable L1/L2/L3/L4 filters.Suspicious packets can either be saved in a local hard disk drive or saved to a LAN, always at full wirespeed. As Net.Hunter has no IP or MAC address, it is undetectable whilst operations are executed, again at FULL bit rate in both directions [Tx+Rx], with ZERO delay [ns] and ZERO loss to the live traffic.


In summary, Net.Hunter can filter, capture, tap and save packets to a local hard-disk at FULL wirespeed, wherever you are. Net.Hunter is a stream-to-disk device that can filter, copy, save and eventually tap packets at FULL wirespeed to assist those who need to monitor, tap and record any data, protocol or conversation without disturbing the live traffic or generating jitter, delay and loss.

Why Net.Hunter? Standard testers and probes are NOT able to provide the complete view that network experts need.

Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.


· DEFENSE: ‘suspicious messages must be decoded seamlessly at any place of the network’
· SECURITY: ‘the firewall is not fast enough, we need a tool capable to filter & record potential hackers, malware and unauthorized access’
· OPERATOR: ‘go to the client premises and capture and time-stamp PTP traffic in both directions’
· NETWORKING: ‘how can we tap the packets in a live line without disturbing the rest of the traffic?’
· LAWFUL FORENSIC: ‘the courts have requested the police to capture all the messages from this IP address’
· ENGINEERS: ‘my protocol analyser does not work at that bit rate, what can I do?’
· MAINTENANCE: ‘we need to filter and tap from one splitter in the subway, but there is no power plug available!’


Built as a field device it captures data at any point – Optic, Electric & Wireless:

– 100% firmware/hardware operation means wirespeed & nanosecond accuracy
– Non-stop packet capture 24/7/365
– Filter/Capture/Record at full duplex G/bit
– Captures at 2 x SFP (o/e) + 2 x RJ45
– WiFi captures by external accessory
– Capture to Storage at full wirespeed (1+1 GbE)
– Storage size: 60 or 120 G/Bytes hard disk drive
– 100% Filtering, Capture, Decoding, Recording & Aggregation by FPGA
– NTP synchronisation
– Synchronised PCAP Time Stamp
– Wireshark friendly for protocol analysis
– VoIP, IPTV, Data, TCP/IP and more
– Real time Multistream captures for IPTV
– No MAC, no IP: Undetectable
– No MAC, no IP: Cannot be hacked
– Monitor and Pass through oeration modes
– 1 Trigger Conditions
– Built-in Tap to 1000BASE-T
– 15+15 Programmable Filters
– Smart recording: first Filters and then Records
– VNC remote control
– Access via standard web browser
– IPv4 and IPv6
– Fault tolerant to AC power loss
– 4.5 hours of operation with batteries
– 2.6 lbs.

(!) CHANNELS / OEM wanted

Leave a Comment

Latest Articles