Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. Many of you will know it as Ethereal.
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Capture files compressed with gzip can be decompressed on the fly
You can see the full changelog for version 1.2.1 here:
A LOT of vulnerabilities and bugs have been fixed in this version, some having persisted since version 1.0 – so it’d be a good time to upgrade if you haven’t already.
You can download Wireshark 1.2.1 here:
Or read more here.
- Rekall – Memory Forensic Framework
- DAMM – Differential Analysis of Malware in Memory
- Malheur – Automatic Malware Analysis Tool
- Wireshark v1.0.0 Released – Cross Platform Graphical Packet Sniffer
- Tshark – Network Protocol Analyzer & Traffic Dumper
- Appie – Portable Android Security Testing Suite
Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,214 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 33,269 views
- sslsniff v0.6 Released – SSL MITM Tool - 27,160 views