Command-line packet analyzer for monitoring, capturing, and filtering network traffic in real time. Supports TCP/IP protocols, pcap file export, BPF syntax, timestamped outputs, and works on UNIX-like systems with both wired and wireless interfaces.



The best open source alternative to Wireshark is tcpdump. If that doesn't suit you, our users have ranked more than 50 alternatives to Wireshark, and many of them are open source, so hopefully you can find a suitable replacement. Other interesting open source alternatives to Wireshark are NetworkMiner, Proxyman, Ettercap and PCAPdroid.



NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can extract transmitted files and certificates from PCAP files containing HTTP, FTP, SMB, SMB2, TFTP and several other protocols.




Monitor, intercept and debug HTTP/HTTPS and WebSocket traffic on macOS, iOS, Windows, and Linux. Includes advanced features such as Breakpoint, Map Local/Remote, scripting, filtering, reverse proxy, DNS spoofing, and automation for backend development.




Ettercap is a suite for man-in-the-middle attacks on a LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.

PCAPdroid is an Android app to capture the phone's traffic and analyze it remotely (e.g. via Wireshark). The traffic can be easily downloaded from a remote device thanks to the integrated HTTP server, or streamed to a remote UDP receiver.




If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!
Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce.
Real-time macOS network tool captures, displays, and filters TCP traffic using AppKit, libpcap, and Wireshark libraries, supports PCAP/PCAPNG files, offers protocol filters, drag-and-drop, noise reduction, detailed packet review, export options, and grouped traffic analysis.



It's open source and uses CLI