SharkFest '17 Europe is on! Find out more at https://sharkfesteurope.wireshark.org.

Download

Get Started Now

Learn

Knowledge is Power

Go Beyond

With Riverbed Technology

About Wireshark

Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark development thrives thanks to the volunteer contributions of networking experts around the globe and is the continuation of a project started by Gerald Combs in 1998.

Wireshark has a rich feature set which includes the following:

  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and many others
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis
  • Output can be exported to XML, PostScript®, CSV, or plain text

SharkFest is an annual 4-day educational conference focused on sharing knowledge, experience and best practices among members of the Wireshark global developer and user communities. Participants come together to hone their skills in the art of packet analysis by attending a rich and varied schedule of sessions taught by the most seasoned experts in the industry.

Find out more!

Take Wireshark to New Depths Heights with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic…

ANSWER: SteelCentral™ Packet Analyzer PE

  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
  • • Fully integrated with Wireshark and AirPcap™
Learn More Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ NetShark appliance

  • • Troubleshoot problems faster
  • • Quickly identify the applications running on your network
  • • Monitor your virtual machine traffic
Learn More

I need to capture wireless traffic…

ANSWER: AirPcap™ 802.11 Packet Capture

  • • WLAN packet capture and transmission
  • • Full 802.11 a/b/g/n support
  • • View management, control and data frames
  • • Multi-channel aggregation (with multiple adapters)
Learn More Buy Now

Learn Wireshark

Wireshark Training

In the Packet Trenches: A Time-Tested Approach to Packet Analysis and Troubleshooting

First of a 3-part webinar series delivered by Hansang Bae, packet analysis guru, on February 11, 2016

Playlist for Hansang Bae’s Wireshark troubleshooting book chapters + Q&A from February 11th “In the Packet Trenches” webcast

“In the Packet Trenches” Webcast Series Dates/Times

Thursday, February 11, 2016 | 10:00AM PT / 1:00PM ET / 6:00PM GMT (recording now available)
Thursday, May 12, 2016 | 10:00AM PT / 1:00PM ET / 6:00PM GMT
Thursday, August 18, 2016 | 10:00AM PT / 1:00PM ET / 6:00PM GMT

SharkFest™ Wireshark Educational Conferences

Join Laura Chappell, Hansang Bae, Betty DuBois, Jasper Bongertz and other packet analysis experts at SharkFest, an immersive Wireshark training experience, taking place:

  • June 17th-22nd 2017, Carnegie Mellon University, Pittsburgh, PA
  • SharkFest’17 Europe – Dates and Location TBD
Contact [email protected] for more info.

Wireshark University

Co-founded by Laura Chappell, inspirational instructor, consultant, and Wireshark expert, provides training, Network Analyst Certification, and resources for all levels of Wireshark users.

Visit http://www.wiresharktraining.com/.

Wireshark Certified Network Analyst: Official Exam Prep Guide

Want to become a Wireshark Certified Network Analyst? This book gives you 300 practice questions along with an accompanying practice CD.

More Resources

Wireshark Q&A

Frequently Asked Questions

Mailing Lists

Online Tools

Wireshark Wiki

Bug Tracker

Development

Developer's Guide

The Wireshark Developers's Guide is available in several formats:
Web pages (browseable): One huge page or multiple pages
Web pages (ZIP file): One huge page or multiple pages
PDF: US or A4
Windows help: CHM file

Videos and Presentations

Videos

Hands on with Wireshark (11m 43s)
Hansang Bae shows you tips and tricks used by insiders and veterans. First in a series.

SharkFest Presentations

SharkFest features presentations from a variety of knowledgeable, informative speakers.

User Documentation

User's Guide

The Wireshark User's Guide is available in several formats:
Web pages (browseable): One huge page or multiple pages
Web pages (ZIP file): One huge page or multiple pages
PDF: USor A4
Windows help: CHM file

Command-line Manual Pages

UNIX-style man pages for Wireshark, TShark, dumpcap, and other utilities

Display Filter Reference

All of Wireshark's display filters, from version 1.0.0 to present.

Release Notes

Version 0.99.2

Security Advisories

Information about vulnerabilities in past releases and how to report a vulnerability

Bibliography

Books, articles, videos and more!

Mirroring Instructions

How to set up a wireshark.org mirror

Export Regulations

Our primary distribution point and how it affects you

News and Events

Devices

  • SharkFest '17 US

    Wireshark Developer and User Conference
    June 17th - 22nd
    Carnegie Mellon University
    Pittsburgh, PA

    • Devices

  • Introduction to Wireshark 2.0


    Live Webinar with Laura Chappell
    and Gerald Combs

    Watch this video to learn the basics of the newest Wireshark release!

    Trace Files
    Review PDF

  • Troubleshooting with Wireshark

    By Laura Chappell
    Foreword by Gerald Combs
    Edit by Jim Aragon

    This book focuses on the tips and techniques used to identify the symptoms and determine possible causes of lousy network performance using Wireshark. Join Laura for the live course as well!

    Book Info
    Course Info
    More News

Download Wireshark

The current stable release of Wireshark is 2.4.1.

Stable Release (2.4.1) • August 29, 2017

Windows Installer (64-bit)
Windows Installer (32-bit)
Windows PortableApps® (32-bit)
macOS 10.6 and later Intel 64-bit .dmg
Source Code

Online (Multiple Pages)
Online (Single Page)
All Documentation

More downloads and documentation can be found on the downloads page.