Wireshark
Featured · GPL-2.0 · 🌐 Network Recon · C/C++
Wireshark is the world's most popular network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It has a rich feature set including deep inspection of hundreds of protocols, live capture and offline analysis, rich VoIP analysis, read/write support for many capture file formats, and powerful display filters. Wireshark is essential for network troubleshooting, security analysis, software development, and education.
Installation
apt (Debian/Ubuntu)
$ sudo apt install wireshark
brew (macOS)
$ brew install --cask wireshark
choco (Windows)
$ choco install wireshark
Use Cases
- Network protocol analysis and troubleshooting
- Packet capture and deep inspection
- Security incident investigation
- Malware traffic analysis
- VoIP and streaming analysis
- Network forensics and evidence collection
Details
- Category: 🌐 Network Recon
- Language: C/C++
- Repository: wireshark/wireshark
- License: GPL-2.0
More in Network Recon
Nmap
C/C++ · The gold standard network scanner. Host discovery, port scanning, service/version detection, OS fingerprinting.
Masscan
C · Internet-scale port scanner. Transmits 10 million packets per second. Asynchronous, stateless scanning.
RustScan
Rust · Blazing fast port scanner that pipes into Nmap. Scans all 65k ports in 3 seconds flat.
Shodan CLI
Python · Command-line interface for Shodan, the search engine for internet-connected devices.
Responder
Python · LLMNR/NBT-NS/mDNS poisoner and rogue authentication server. Captures NTLMv1/v2 hashes on the network.
Censys CLI
Python · Search engine for internet-connected devices. Alternative to Shodan with certificate and host search.