A network protocol analyzer that captures and interactively browses traffic running on a computer network.
Wireshark is a network protocol analyzer that captures and interactively displays packets from computer networks. It allows network administrators, security professionals, and developers to examine network traffic in detail, troubleshoot problems, analyze protocol behavior, and debug network applications.
Wireshark is aimed at network administrators, security analysts, software developers working with network protocols, and educators teaching networking concepts who need to inspect and analyze network traffic.
Wireshark offers the most comprehensive protocol support available in any network analyzer, with deep packet inspection capabilities, cross-platform availability, and both GUI and command-line tools. Its extensive filtering system and ability to read numerous capture file formats make it the industry standard for network analysis.
Read-only mirror of Wireshark's Git repository at https://gitlab.com/wireshark/wireshark. You're welcome to submit pull requests there.
Offers deep inspection of hundreds of protocols and allows adding new ones via plugins, as emphasized in the README's focus on rich protocol dissection.
Runs on Linux, macOS, Windows, and Unix-like systems with official packages, ensuring broad availability for network professionals across environments.
Enables precise traffic isolation with display filters, making it efficient for troubleshooting specific network issues or protocol details.
Includes TShark for command-line analysis and editcap for file manipulation, providing versatility beyond the GUI for scripting and automation.
Building from source requires Python 3, AsciiDoctor, Perl, and flex, increasing setup complexity compared to simpler packet sniffers.
Live packet capture necessitates configuring dumpcap with set-UID root or special device access, posing security risks and administrative hurdles.
The extensive filtering syntax and deep protocol details can overwhelm users without prior networking expertise, despite comprehensive documentation.