Wireshark

Wireshark has been around for ages and is
extremely popular. Wireshark allows the
pentester to put a network interface into a
promiscuous mode and therefore see all
traffic. This tool has many features such as
being able to capture data from live network
connection or read from a file that saved
already-captured packets. Wireshark is able
to read data from a wide variety of
networks, from Ethernet, IEEE 802.11, PPP,
and even loopback. Like most tools in our
2013 Concise Courses Security List the
captured network data can be monitored and
managed via a GUI – which also allows for
plug-ins to be inserted and used. Wireshark
can also capture VoIP packets and raw USB
traffic can also be captured.