Main menu

Pages

Wireshark 3.6.8 / 3.4.16 / 3.7.2 Dev / 4.0.0 RC1

Wireshark is the world’s foremost network protocol analyzer. You can use it for network troubleshooting, analysis, software and communications protocol development, and education.

Wireshark lets you capture and interactively browse the traffic running on a computer network. It is cross-platform, using the GTK+ widget toolkit to implement its user interface, and using pcap to capture packets.

It is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark is very similar to tcpdump but has a graphical front-end. In addition, some integrated sorting and filtering options.

Wireshark allows the user to put the network interfaces that support promiscuous mode into that mode, to see all traffic visible on that interface, not just traffic addressed to one of the interface’s configured addresses and broadcast/ multicast traffic.

However, when capturing with a packet analyzer in promiscuous mode on a port on a network switch, not all of the traffic travelling through the switch will necessarily be sent to the port on which the capture is being done. So capturing in promiscuous mode will not necessarily be sufficient to see all traffic on the network. Port mirroring or various network taps extend capture to any point on the net. Simple passive taps are extremely resistant to malware tampering.

Wireshark Features:

  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Multi-platform. Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
  • Can browse the captured network data via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog. Microsoft Network Monitor, Network General Sniffer, Sniffer Pro, and NetXray. Also Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor. Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Can read the Live data from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others
  • Decryption support for many protocols. Including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Applies the colouring rules to the packet list for quick, intuitive analysis
  • Allows the Output to export to XML, PostScript, CSV, or plain text

DOWNLOAD Wireshark 4.0.0 RC1 for Windows 64-bit
DOWNLOAD Wireshark 4.0.0 RC1 Portable for Windows 64-bit
DOWNLOAD Wireshark 4.0.0 RC1 for macOS Arm 64-bit
DOWNLOAD Wireshark 4.0.0 RC1 for macOS Intel 64-bit
DOWNLOAD Wireshark 4.0.0 RC1 Source Code
 
DOWNLOAD Wireshark 3.7.2 Dev for Windows 64-bit
DOWNLOAD Wireshark 3.7.2 Dev Portable for Windows 64-bit
DOWNLOAD Wireshark 3.7.2 Dev for macOS Arm 64-bit
DOWNLOAD Wireshark 3.7.2 Dev for macOS Intel 64-bit
DOWNLOAD Wireshark 3.7.2 Dev Source Code
 
DOWNLOAD Wireshark 3.6.8 for Windows 32-bit
DOWNLOAD Wireshark 3.6.8 for Windows 64-bit
DOWNLOAD Wireshark 3.6.8 Portable for Windows 32-bit
DOWNLOAD Wireshark 3.6.8 Portable for Windows 64-bit
DOWNLOAD Wireshark 3.6.8 for macOS Arm 64-bit
DOWNLOAD Wireshark 3.6.8 for macOS Intel 64-bit
DOWNLOAD Wireshark 3.6.8 Source Code
 
DOWNLOAD Wireshark 3.4.16 for Windows 32-bit
DOWNLOAD Wireshark 3.4.16 for Windows 64-bit
DOWNLOAD Wireshark 3.4.16 Portable
DOWNLOAD Wireshark 3.4.16 for macOS
DOWNLOAD Wireshark 3.4.16 Source Code

Comments