Wireshark

Detailed Review

Wireshark is the world most widely used open-source network protocol analyzer. It captures and inspects network traffic in real time with deep inspection of over 3,000 protocols. Security professionals use it to troubleshoot network issues, analyze security incidents, and verify encryption implementations. Features include live capture and offline analysis, deep protocol inspection, powerful display filters, VoIP analysis, and decryption support for TLS, WPA2, and other protocols. Available on Windows, macOS, and Linux. TShark provides a command-line alternative. Completely free under the GPL license.