Wireshark
Network protocol analyzer for deep packet inspection and forensic debugging.
Why it is included
Essential open tool for engineers proving what actually happens on the wire.
Best for
NetOps, security analysts, and developers debugging protocols.
If you use Windows, Mac, or paid tools
Packet capture alternative to OmniPeek (paid), Savvius, and some closed network analyzers.
Strengths
- Dissectors
- Capture ecosystem
- Education
Limitations
- Sensitive data handling discipline required
Good alternatives
tcpdump · termshark
Related tools
Networking & Remote Access
OpenSSH
SSH suite for secure remote access and file transfer.
Security & Privacy
bettercap
Network attack framework: Wi-Fi, BLE, LAN recon, ARP/DNS spoofing, proxy, and modular caplets.
Security & Privacy
Volatility 3
Advanced memory forensics framework for extracting artifacts from RAM dumps across OS versions.
Security & Privacy
radare2
Unix-style reversing framework: disassembly, debugging, binary patching, ESIL, and rich CLI automation.
Security & Privacy
Suricata
High-performance IDS/IPS and network security monitoring with multi-threading, TLS inspection options, and Lua scripting.
Security & Privacy
Snort
Classic packet-sniffing IDS/IPS with rule language and community rule feeds; Snort 3 improves scaling.
