Wireshark Portable is a very popular, completely free and highly recommended network protocol analyzer. It can view data in real-time and also log the data being sent on a network to a file on disk.
As a portable application, Wireshark Portable can be run from virtually anywhere and does not need to be installed; that means no leftovers when you're doing using the application.
With Wireshark, you can perform real-time and interactive analysis of the data that has been captured, perfect for diagnosis errors on a network.
Some of the powerful features available with Wireshark include the ability to view the (reconstructed) stream of a TCP/UDP session while supporting literally hundreds of different types of data and media.
Unlimited version of PRTG for 30 days. After 30 days, PRTG reverts to a free version. Or, you can upgrade to a paid license anytime. Download Wireshark 64-bit 3.0.2 for Windows. Fast downloads of the latest free software!
Download Wireshark For Windows 10
A separate program is also include called tshark. For those familiar, tshark is Wireshark's equivalent of tcpdump which is traditionally a console-only version of Wireshark.
Called by some the Swiss army knife of network troubleshooting, is it by far one of the best Network sniffers available on the market and the very best among free applications.
Overall, Wireshark Portable is a very useful and powerful packet analyzer which can diagnose many types of issues affecting a computer.
Features and highlights
- Data can be captured 'from the wire' from a live network connection or read from a file of already-captured packets
- Live data can be read from a number of types of networks, including Ethernet, IEEE 802.11, PPP, and loopback
- Captured network data can be browsed via a GUI, or via the terminal (command line) version of the utility, TShark
- Captured files can be programmatically edited or converted via command-line switches to the 'editcap' program
- Data display can be refined using a display filter
- Plug-ins can be created for dissecting new protocols
- VoIP calls in the captured traffic can be detected
- Raw USB traffic can be captured
Wireshark Portable on 32-bit and 64-bit PCs
This download is licensed as freeware for the Windows (32-bit and 64-bit) operating system on a laptop or desktop PC from network auditing software without restrictions. Wireshark Portable 3.4.0 is available to all software users as a free download for Windows 10 PCs but also without a hitch on Windows 7 and Windows 8.
Compatibility with this network diagnostics software may vary, but will generally run fine under Microsoft Windows 10, Windows 8, Windows 8.1, Windows 7, Windows Vista and Windows XP on either a 32-bit or 64-bit setup. A separate x64 version of Wireshark Portable may be available from Gerald Combs.
Download Netshare For Windows 10Filed under:
- Wireshark Portable Download
- Freeware Network Auditing Software
- Open source and GPL software
- Portable Software
- Major release: Wireshark Portable 3.4
NetworkMiner is an open source Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
NetworkMiner makes it easy to perform advanced Network Traffic Analysis (NTA) by providing extracted artifacts in an intuitive user interface. The way data is presented not only makes the analysis simpler, it also saves valuable time for the analyst or forensic investigator.
NetworkMiner has, since the first release in 2007, become a popular tool among incident response teams as well as law enforcement. NetworkMiner is today used by companies and organizations all over the world.
|NetworkMiner (free edition)||NetworkMiner Professional|
|Parse PCAP files|
|Parse PcapNG files|
|Extract files from FTP, TFTP, HTTP, HTTP/2, SMB, SMB2, SMTP, POP3 and IMAP traffic|
|Extract X.509 certificates from SSL encrypted traffic like HTTPS, SMTPS, IMAPS, POP3S, FTPS etc.|
|Decapsulation of GRE, 802.1Q, PPPoE, VXLAN, OpenFlow, SOCKS, MPLS and EoMPLS|
|Runs in Windows and Linux|
|OS Fingerprinting (*)|
|Audio extraction and playback of VoIP calls|
|OSINT lookups of file hashes, IP addresses, domain names and URLs|
Protocol Identification (PIPI)
|User Defined Port-to-Protocol Mappings (decode as)|
|Export to CSV / Excel / XML / CASE / JSON-LD|
|Configurable file output directory|
|Configurable time zone (UTC, local or custom)|
|Geo IP localization (**)|
|DNS Whitelisting (***)|
|Advanced OS fingerprinting|
|Web browser tracing (4:10 into this video)|
|Online ad and tracker detection|
|Host coloring support|
|Command line scripting support||(through NetworkMinerCLI)|
|Price||Free||$ 900 USD|
|Download NetworkMiner |
| * Fingerprinting of Operating Systems (OS) is performed by using databases from Satori and p0f|
** This product includes GeoLite data created by MaxMind, available from http://maxmind.com/
*** Domain names in the DNS tab are checked against the Alexa top 1,000,000 sites
NetworkMiner can extract files, emails and certificates transferred over the network by parsing a PCAP file or by sniffing traffic directly from the network.
NetworkMiner showing files extracted from sniffed network traffic to disk
NetworkMiner showing thumbnails for images extracted to disk
User credentials (usernames and passwords) for supported protocols are extracted by NetworkMiner and displayed under the 'Credentials' tab. The credentials tab sometimes also show information that can be used to identify a particular person, such as user accounts for popular online services like Gmail or Facebook.
Another very useful feature is that the user can search sniffed or stored data for keywords. NetworkMiner allows the user to insert arbitrary string or byte-patterns that shall be searched for with the keyword search functionality.
NetworkMiner Professional can be delivered either as an Electronic Software Download (ESD) or shipped physically on a USB flash drive. The product is exactly the same, regardless of delivery method. NetworkMiner is a portable application that doesn't require any installation, which means that the USB version can be run directly from the USB flash drive. However, we recommend that you copy NetworkMiner to the local hard drive of your computer in order to achieve maximum performance.
» How To Buy NetworkMiner Professional «
The latest version of NetworkMiner can be downloaded from:
» https://www.netresec.com/?download=NetworkMiner « (executable application)
SHA256 hash: 34d81e42eec33183b79191de165ae506933fa3bb5b1fd836e70ef81468c9c65b
» https://www.netresec.com/?page=NetworkMinerSourceCode « (source code)
SHA256 hash: 8dc5802cd90eb081097398b8b6606e0c56dcf7498616a5a28d01e6b247e168a1
Wireshark Download Linux
For older releases of NetworkMiner (prior to version 2.0), please visit the NetworkMiner page on SourceForge:
However, please note that we no longer release new versions of NetworkMiner on SourceForge.
|Version||Release Date||Major Improvements|
|Improved extraction and presentation of emails, password hashes, FTP transfers and artifacts from HTTP and HTTP/2 traffic. .|
|JA3 hash extraction and parsers for the HTTP/2, DoH and CIFS browser protocol.|
|Username extraction from Kerberos traffic, ICS device fingerprinting and improved Linux support.|
|Improved email and VoIP call extraction.|
|VoIP call audio extraction and playback as well as OSINT lookups of file hashes, IP addresses, domain names and URLs.|
|Faster parsing speed (x2) and CASE export.|
|Improved HTTP parser.|
|NetworkMiner 2.1||2017-01-11||New protocols: POP3, IMAP, VXLAN, OpenFlow and SOCKS.|
|NetworkMiner 2.0||2016-02-09||New protocols: SMB2 and Modbus/TCP.|
|NetworkMiner 1.6||2014-06-16||Improved SMTP and DNS parsing.|
|NetworkMiner 1.5||2013-08-07||New protocols: PPPoE and LLMNR, fixed two vulnerabilities.|
|NetworkMiner 1.4||2012-08-16||New protocol: IEC 60870-5-104.|
|NetworkMiner 1.3||2012-04-12||Username and password from HTTP Digest Authentication (RFC 2617).|
|NetworkMiner 1.2||2011-11-19||New protocol: GRE, platform independent (works in Linux, Mac OSX etc).|
|NetworkMiner 1.1||2011-09-15||New protocol: PPP. Screen resolution, color depth, browser language and flash version extracted from Google Analytics.|
|NetworkMiner 0.71||2007-02-16||First public release of NetworkMiner.|
There are also several blog posts about NetworkMiner on the NETRESEC Network Security Blog: