FakeNet-NG vs Wireshark

GitHub Stats

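Stars: FakeNet-NG 2.1k, Wireshark 9.3k
Forks: FakeNet-NG 380, Wireshark 2.1k
Issues: FakeNet-NG 82, Wireshark 2
Updated: FakeNet-NG 25d ago, Wireshark today
License: FakeNet-NG Apache-2.0, Wireshark GPL-2.0
Language: FakeNet-NG Python, Wireshark C/C++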

About FakeNet-NG

FakeNet-NG is a dynamic network analysis tool designed for malware analysis on Windows and Linux. It intercepts and redirects all network traffic to local listeners that simulate real internet services (HTTP, HTTPS, DNS, SMTP, FTP, IRC, and custom protocols). This allows analysts to observe malware network behavior without allowing actual internet connectivity, capturing C2 communications, download URLs, exfiltration attempts, and protocol patterns. FakeNet-NG supports SSL interception, custom response scripts, and integration with other analysis tools. It operates at the network driver level, catching traffic from all processes simultaneously.

About Wireshark

Wireshark is the world's most popular network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It has a rich feature set including deep inspection of hundreds of protocols, live capture and offline analysis, rich VoIP analysis, read/write support for many capture file formats, and powerful display filters. Wireshark is essential for network troubleshooting, security analysis, software development, and education.

Platform Support

FakeNet-NG: 🐧 linux, 🪟 windows
Wireshark: 🐧 linux, 🍎 macos, 🪟 windows

Tags

FakeNet-NG only

malware-analysis, network-simulation, dynamic-analysis, c2-capture, mandiant

Wireshark only

packet-capture, protocol-analysis, gui, classic