What is Wireshark in cyber security?
The most widely known and used tool in cyber security is Wireshark, which is a network protocol analyzer or packet sniffer.
The tool comes packaged with a variety of pre-configured and easy-to-use capture filters with tools and options to configure each one manually according to the needs of the operator. It supports capture filtering for different packet types such as 802.11, Bluetooth, TCP/IP and many others.
What are some of the basic features of Wireshark? It allows you to view traffic on the wire. Using Wireshark, you can see what protocols are used and how traffic is being carried on your network or Internet. You can perform deep inspection by using filters on the captured data and can look at what kind of devices and other hosts are sending out traffic across your network. It also allows you to look at the applications or programs that are running across your system. It is also possible to capture and save captured traffic across an ongoing network session allowing you to access it later to look at details on specific packets and flows.
Wireshark also gives you a visual representation of traffic across your network. The Wireshark user interface itself is an open source client/server application consisting of several modules. There are two modules: the graphical user interface (GUI) and the network packet analysis engine (NPE). The GUI is responsible for rendering the protocol dissections displayed on the screen while the NPE handles the heavy work of protocol decoding and capturing.
You will get full support and documentation for everything in the Wireshark manual if you do a few more tasks such as getting a license. There are some good tutorials to assist you in getting Wireshark setup. To get started with a tutorial that is already set up for your system, go to and select the version that works best with your operating system.
Who owns Wireshark? The Wireshark tool is owned and developed by the European Network and Information Security Agency (ENISA) together with the University of Leipzig and University of Innsbruck. ENISA offers several products of high quality and stability under the brand name ENISA Security Lab, including their flagship product, WireShark.
Who uses Wireshark?
Related Answers
Can you download Wireshark for free?
Yes. Wireshark is a free software network protocol analyz...
How to capture Wi-Fi on Wireshark?
In this article, I'll teach you how to capture the Wi-Fi traffic on Wire...
How to analyse Wireshark traffic?
What is the difference between Protocol and Application? How do I f...