Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. Many of you will know it as Ethereal.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Capture files compressed with gzip can be decompressed on the fly
You can see the full changelog for version 1.2.1 here:
A LOT of vulnerabilities and bugs have been fixed in this version, some having persisted since version 1.0 – so it’d be a good time to upgrade if you haven’t already.
You can download Wireshark 1.2.1 here:
Or read more here.
Recent in Forensics:
- Mobius Forensic Toolkit 0.5.10 – Forensics Framework To Manage Cases & Case Items
- Rec Studio 4 – Reverse Engineering Compiler & Decompiler
- CAINE (Computer Aided INvestigative Environment) – Digital Forensics LiveCD
- Wireshark v1.0.0 Released – Cross Platform Graphical Packet Sniffer
- Tshark – Network Protocol Analyzer & Traffic Dumper
- FTPXerox v1.0 – FTP File Transfer Sniffer
Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 65,492 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 28,517 views
- sslsniff v0.6 Released – SSL MITM Tool - 26,822 views