Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark has a rich feature set which includes the following:
-Deep inspection of hundreds of protocols, with more being added all the time
-Live capture and offline analysis
-Standard three-pane packet browser
-Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
-Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
-The most powerful display filters in the industry
-Rich VoIP analysis
-Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
-Capture files compressed with gzip can be decompressed on the fly
-Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
-Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
-Coloring rules can be applied to the packet list for quick, intuitive analysis
-Output can be exported to XML, PostScript®, CSV, or plain text
↧
Wireshark
↧
Ethereal
Ethereal® is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.
↧
↧
NetworkMiner
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
↧
netcat
Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.
↧
SmartSniff
SmartSniff is a packet sniffer that capture TCP/IP packets and display them as sequence of conversations between clients and servers. You can view the TCP/IP conversations in Ascii mode (for text-based protocols, like HTTP, SMTP, POP3 and FTP) or as hex dump (for non-text base protocols, like DNS). Application can capture TCP/IP packets on your network without installing a capture driver (works only for Windows 2000/XP or greater).
↧
↧
LANGuardian
NetFort LANGuardian monitors bandwidth, Windows file shares, and Internet activity on your network.
↧
HTTPNetworkSniffer
Packet sniffer tool that captures all HTTP requests/responses sent between the Web browser and the Web server and displays them in a simple table.
↧
TcpLogView
TcpLogView is a simple utility that monitors the opened TCP connections on your system, and adds a new log line every time that a TCP connection is opened or closed.
↧
AirSnare
AirSnare monitors network traffic for unfriendly MAC addresses and alerts you when a MAC address is found that isn't on the friendly list. AirSnare also monitor DHCP requests from clients.
↧
↧
Colasoft Capsa
Colasoft network packet sniffer or network analyzer software for Windows platform, sniff packets, monitor activities and analyze protocols, best tool for network monitoring and troubleshooting, Free trial available, download now.
↧
Cain & Abel
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocols standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users.
Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no events shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.
The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authent
↧
Intercepter-NG
Intercepter-NG is a multifunctional network toolkit for various types of IT specialists.
The main purpose is to recover *interesting* data from the network stream and perform different kinds of MiTM attacks.
Intercepter-NG offers the following features:
+ Sniffing passwords\hashes of the types:
ICQ\IRC\AIM\FTP\IMAP\POP3\SMTP\LDAP\BNC\SOCKS\HTTP\WWW\NNTP\CVS\TELNET\MRA\DC++\VNC\MYSQL\ORACLE\NTLM\KRB5\RADIUS
+ Sniffing chat messages of: ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
+ Reconstructing files from: HTTP\FTP\IMAP\POP3\SMTP\SMB
+ Promiscuous-mode\ARP\DHCP\Gateway\Port\Smart Scanning\
+ Capturing packets and post-capture (offline) analyzing\RAW Mode
+ Remote traffic capturing via RPCAP daemon\PCAP Over IP
+ NAT\SOCKS\DHCP
+ ARP\DNS over ICMP\DHCP\SSL\SSLSTRIP\WPAD\SMBRelay\SSH MiTM
+ DNS\NBNS\LLMNR Spoofing
↧