Wireshark
Wireshark® is a network protocol analyser that allows you to capture and interactively browse network traffic. It has a rich and powerful feature set and is one of the most popular tools of its kind. Network professionals, security experts, developers, and educators around the globe use Wireshark regularly as a key application in their suite of monitoring tools.
Freely available as open-source software, Wireshark is released under the GNU General Public License version 2. The application is developed and maintained thanks to the contributions of a global team of protocol experts.
Wireshark “understands” the structure of different networking protocols. For each packet, it can display the encapsulation and the individual fields, along with their meanings, as specified by the protocols involved.
Wireshark’s most powerful feature is its vast array of display filters (over 105,000). These filters allow you to drill down to the precise traffic you want to see and are the basis of many of Wireshark’s other features, such as the colouring rules.
Wireshark uses PCAP to capture packets, and as such can only capture packets on the types of networks that PCAP supports.
