Wireshark

What is Wireshark?

Wireshark is a powerful network protocol analyzer that enables IT professionals and network security experts to capture, inspect, and analyze network traffic in real-time or from saved data files. With its deep protocol analysis capabilities, advanced display filtering, and support for a wide range of network technologies, Wireshark has become the de facto standard for network troubleshooting and security monitoring across various industries and academic institutions

Highlights

• Deep inspection of hundreds of network protocols, with continuous expansion of supported protocols
• Live network data capture and offline analysis through a rich, multi-platform graphical user interface (GUI)
• Extensive file format support for reading and writing network capture data, including pcap, pcapng, and various proprietary formats
• Decryption support for numerous protocols, enabling visibility into encrypted network traffic
• Customizable coloring rules for quick identification of relevant network events
• Flexible data export options, including XML, CSV, and plain text formats