What is Wireshark?
Wireshark is a network packet analyzer. A network packet analyzer captures network packets and displays the packet data in as much detail as possible.
My network capturing was done on Wireshark on Kali Linux.
Some intended uses of Wireshark
1. Network administrators use it to troubleshoot network problems.
2. Network security engineers use it to examine security problems.
3. Engineers use it to verify network applications.
4. Developers use it to debug protocol implementations.
5. People use it to learn network protocol internals.
Features of Wireshark
The following are some of the many features Wireshark provides:
1. Available for UNIX, Linux and Windows.
2. Capture live packet data from a network interface.
3. Open files containing packet data captured with tcpdump/WinDump, Wireshark, and a number of other packet capture programs.
4. Import packets from text files containing hex dumps of packet data.
5. Display packets with very detailed protocol information.
6. Save packet data captured.
7. Export some or all packets in a number of capture file formats.
8. Filter packets on many criteria.
9. Search for packets on many criteria.
10. Colorize packet display based on filters.
11. Create various statistics.