SharkFest '18 EUROPE is on! Find out more at https://sharkfesteurope.wireshark.org.

Download

Get Started Now

Learn

Knowledge is Power

Go Beyond

With SharkFest Sponsors

About Wireshark

Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark development thrives thanks to the volunteer contributions of networking experts around the globe and is the continuation of a project started by Gerald Combs in 1998.

Wireshark has a rich feature set which includes the following:

  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and many others
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis
  • Output can be exported to XML, PostScript®, CSV, or plain text

What is SharkFest?

SharkFest™, launched in 2008, is a series of annual educational conferences staged in various parts of the globe and focused on sharing knowledge, experience and best practices among the Wireshark® developer and user communities.

SharkFest attendees hone their skills in the art of packet analysis by attending lecture and lab-based sessions delivered by the most seasoned experts in the industry. Wireshark core code contributors also gather during the conference days to enrich and evolve the tool to maintain its relevance in ensuring the productivity of modern networks.

SharkFest Mission

SharkFest’s aim is to support ongoing Wireshark development, to educate and inspire current and future generations of computer science and IT professionals responsible for managing, troubleshooting, diagnosing and securing legacy and modern networks, and to encourage widespread use of the free analysis tool. Per Gerald Combs, Wireshark project Founder …“Wireshark is a tool and a community. My job is to support both”.

SharkFest GOALS

  1. To educate current and future generations of network engineers, network architects, application engineers, network consultants, and other IT professionals in best practices for troubleshooting, securing, analyzing, and maintaining productive, efficient networking infrastructures through use of the Wireshark free, open source analysis tool.
  2. To share use cases and knowledge among members of the Wireshark user and developer communities in a relaxed, informal milieu.
  3. To remain a self-funded, independent, educational conference hosted by a corporate sponsor.

SharkFest Conferences

SharkFest’18 ASIA (New!)

  • April 9th, 1-day pre-conference Wireshark University “Troubleshooting with Wireshark” class
  • April 9th – 11th, SharkFest Conference (Welcome Dinner begins at 6:00 pm on 4/9 after “TwW” class ends)
  • Location: Nanyang Executive Centre
    Nanyang Technological University
    Singapore

SharkFest’18 US

  • June 23rd – 25th, 3-day pre-conference Wireshark University “Troubleshooting with Wireshark” class
  • June 25th – 28th, SharkFest Conference (Welcome Dinner begins at 6:00 pm on 6/25 after “TwW”class ends)
  • Location: Computer History Museum
    Mountain View, CA

SharkFest’18 EUROPE

  • October 29th – 30th, 2-day pre-conference Wireshark University “Troubleshooting with Wireshark” class
  • October-November 30th – 2nd , SharkFest Conference (Welcome Dinner begins at 6:00 pm on 6/25 after “TwW”class ends)
  • Location: Imperial Riding School Renaissance Hotel
    Vienna

The Wireshark Foundation is profoundly grateful to the organizations that have generously supported SharkFest™ educational conferences over the years. Please join us in thanking them by reviewing their Wireshark use-enhancing technology, training, and services either at a SharkFest event, or through clicking on their ads below.

Learn Wireshark

Wireshark Training

Return to the Packet Trenches Part 1: Back to Basics

Return to the Packet Trenches Part 2: Multiplying the Effectiveness of Wireshark’s CLI

CLI Extension Reference Materials used in this presentation:

Wireshark CLI tools & scripting (by Sake Blok)

https://sharkfestus.wireshark.org/assets/presentations18/33.zip

Presentation Video (1:11:14):

TShark Command Line using PowerShell (by Graham Bloice)

https://sharkfesteurope.wireshark.org/assets/presentations17eu/33.7z

Custom LUA dissectors to the rescue in root cause analysis (by Sake Blok)

For more "Packet Trenches" resources, check out these links:

SharkFest™ Wireshark Educational Conferences

Join Gerald Combs, Hansang Bae, Kary Rogers, Sake Blok, Jasper Bongertz, Christian Landström, Phill Shade, and many other packet analysis experts at SharkFest, an immersive Wireshark training experience.

Contact [email protected] for more info.

Chappell University

Visit https://www.chappellu.com/.

More Resources

Wireshark Q&A

Frequently Asked Questions

Mailing Lists

Online Tools

Wireshark Wiki

Bug Tracker

Development

Developer's Guide

The Wireshark Developers's Guide is available in several formats:
Web pages (browseable): One huge page or multiple pages
Web pages (ZIP file): One huge page or multiple pages
PDF
Windows HTML Help

Videos and Presentations

Videos

Hands on with Wireshark (11m 43s)
Hansang Bae shows you tips and tricks used by insiders and veterans. First in a series.

SharkFest Presentations

SharkFest features presentations from a variety of knowledgeable, informative speakers.

SF'18 US: TCP - Tips, Tricks & Traces - Part 1 (Chris Greer)
SF'18 US: TCP - Tips, Tricks & Traces - Part 2 (Chris Greer)
SF'18 ASIA: Using Wireshark to Solve Real Problems for Real People (Kary Rogers)
SF'18 ASIA: Designing a Packet Capture Strategy (John Pittle)
SF'17 EUROPE: My TCP Ain't Your TCP (Simon Lindermann)
SF'17 EUROPE: Turning Wireshark into a Traffic Monitoring Tool (Luca Deri)
SF'17 EUROPE: SMB Handshake: The Devil Lies in the Detail (Eduard Blenkers)
SF'17 US: Practical Tracewrangling - Part 1 (Jasper Bongertz)
SF'17 US: Practical Tracewrangling - Part 2 (Jasper Bongertz)
SF'17 US: Analysis of Multi-point Captures - Part 1 (Jasper Bongertz/Christian Landström)
SF'17 US: Analysis of Multi-point Captures - Part 2 (Jasper Bongertz/Christian Landström)
SF'17 US: Undoing the Network Blame Game (Chris Greer)
SF'16 EUROPE: SSL Troubleshooting (Sake Blok)
SF'15 US: Changing Wireshark with Lua (Hadriel Kaplan)
SF'15 US: Wireshark Dissectors: 3 Ways to Eat Bytes (Graham Bloice)
SF'15 US: Intro to Wireshark: Making Sense of the Matrix (Chris Greer)
SF'15 US: IPv6 Briefly (Jeff Carrell)
SF'15 US: Troubleshooting Router Protocols with Wireshark (John Schreiner)

User Documentation

User's Guide

The Wireshark User's Guide is available in several formats:
Web pages (browseable): One huge page or multiple pages
Web pages (ZIP file): One huge page or multiple pages
PDF
Windows HTML Help

Command-line Manual Pages

UNIX-style man pages for Wireshark, TShark, dumpcap, and other utilities

Display Filter Reference

All of Wireshark's display filters, from version 1.0.0 to present.

Release Notes

Version 0.99.2 to present.

Security Advisories

Information about vulnerabilities in past releases and how to report a vulnerability

Bibliography

Books, articles, videos and more!

Mirroring Instructions

How to set up a wireshark.org mirror

Export Regulations

Our primary distribution point and how it affects you

News and Events

Devices

  • SharkFest'18 EUROPE

    Wireshark Developer and User Conference
    Oct 29 - Nov 2nd
    Imperial Riding School Renaissance Hotel
    Vienna, Austria

Devices

Download Wireshark

The current stable release of Wireshark is 2.6.4.

Stable Release (2.6.4) • October 11, 2018

Windows Installer (64-bit)
Windows Installer (32-bit)
Windows PortableApps® (32-bit)
macOS 10.6 and later Intel 64-bit .dmg
Source Code

Windows Installer (64-bit)
Windows Installer (32-bit)
Windows PortableApps® (32-bit)
macOS 10.6 and later Intel 64-bit .dmg
Source Code

Online (Multiple Pages)
Online (Single Page)
All Documentation

More downloads and documentation can be found on the downloads page.

SharkFest Sponsors