Get full access to Penetration Testing Bootcamp and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Wireshark

Wireshark is one of the most important tools you can utilize for looking at what is happening on the network. It allows you to look at every piece of information about this packet you could ever want to see. It starts at the physical layer and goes up from there. Wireshark was originally called Ethereal, but later changed to Wireshark.

Wireshark is very similar to tcpdump, but has a graphical interface tied around it and has some additional features, as follows:

Color coding packet types that can be changed and customized
Ability to look at new protocols with plugins
Voice over IP calls can be captured as well
Ability to click on packets and follow the stream

Here is a screenshot of Wireshark when it first starts up. You can enter ...

Get Penetration Testing Bootcamp now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now