Wireshark
Open Source
The industry-standard network protocol analyzer. Capture and inspect every packet on your network with deep protocol analysis.
By Wireshark Foundation v4.4.3 100M+ installs Updated
Pros
- Supports 3000+ protocols out of the box
- Powerful display and capture filters
- Real-time packet capture with deep inspection
- Cross-platform: Windows, macOS, Linux
- Free and open source — industry standard
Cons
- Steep learning curve for beginners
- Admin/root privileges required for capture
- Can capture sensitive data if misused
Overview
Wireshark is the gold standard for network traffic analysis. Whether you’re debugging a connectivity issue, analyzing application protocols, studying network security, or learning TCP/IP — Wireshark gives you unparalleled visibility into what’s traversing your network.
Core Capabilities
- Live capture from Ethernet, Wi-Fi, Bluetooth, and more
- Display filters – http.response.code == 404 – find exactly what you need
- Follow TCP/UDP streams – See full HTTP conversations
- Statistics and graphs – I/O graphs, protocol hierarchy, endpoints
- Decrypt SSL/TLS with pre-master secrets
Essential Filter Examples
# Only HTTP traffic
http
# Traffic to a specific IP
ip.addr == 192.168.1.100
# DNS queries
dns.qry.name contains "google"
# TCP SYN packets (connection attempts)
tcp.flags.syn == 1 && tcp.flags.ack == 0
Technical Specs
- Category: Network Tools
- Platform: Windows, macOS, Linux
- Pricing: Open Source
- Version: 4.4.3
- Developer: Wireshark Foundation
- Released: May 1998
- Updated: Oct 2025
- Installs: 100M+
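What the TCP SYN filter under Essential Filter Examples tests at the byte level, shown as an added example that is not from the original page or the Wireshark project. The helper names and the sample packets are constructed for illustration.

```python
import struct
from collections import Counter

SYN, ACK = 0x02, 0x10  # bit masks within the TCP flags byte

def build_packet(src, dst, dport, flags, proto=6):
    """Constructed sample: minimal IPv4 + TCP headers, checksums left at zero."""
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 5 << 4, flags, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return ip + tcp

def tcp_flags(packet):
    """Return the TCP flags byte, or None when the packet is not IPv4/TCP."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 6:
        return None
    ihl = (packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl + 14:  # need TCP header bytes 0..13
        return None
    return packet[ihl + 13]                 # flags sit at offset 13 of the TCP header

def is_connection_attempt(packet):
    """Byte-level equivalent of: tcp.flags.syn == 1 && tcp.flags.ack == 0"""
    flags = tcp_flags(packet)
    return flags is not None and (flags & SYN) != 0 and (flags & ACK) == 0

def attempts_by_source(packets):
    """Count matching packets per IPv4 source address."""
    counts = Counter()
    for pkt in packets:
        if is_connection_attempt(pkt):
            counts[".".join(str(b) for b in pkt[12:16])] += 1
    return counts

# Constructed sample traffic (not a real capture).
SAMPLE = [
    build_packet("192.168.1.100", "192.168.1.10", 443, SYN),           # client SYN
    build_packet("192.168.1.10", "192.168.1.100", 40000, SYN | ACK),   # server SYN-ACK
    build_packet("192.168.1.100", "192.168.1.10", 443, ACK),           # handshake ACK
    build_packet("192.168.1.100", "192.168.1.10", 22, SYN),            # second attempt
    build_packet("192.168.1.100", "192.168.1.10", 53, SYN, proto=17),  # not TCP: ignored
]

if __name__ == "__main__":
    print(attempts_by_source(SAMPLE))
```

Only the bare SYN packets match. The SYN-ACK reply and the final handshake ACK are excluded by the `tcp.flags.ack == 0` half of the filter.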