Wireshark Alternatives for Linux

    There are many alternatives to Wireshark for Linux if you are looking for a replacement. The best Linux alternative is tcpdump, which is both free and Open Source. If that doesn't suit you, our users have ranked more than 50 alternatives to Wireshark and many of them are available for Linux so hopefully you can find a suitable replacement. Other interesting Linux alternatives to Wireshark are CloudShark (Paid), Intercepter-NG (Free), Nethogs (Free, Open Source) and Ettercap (Free, Open Source).

    This page was last updated Jul 28, 2021

      • Free, Open Source
      • Mac
      • Windows
      • Linux
      • BSD
      tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
      tcpdump vs Wireshark opinions
      Most users think tcpdump is a great alternative to Wireshark.
      It's open source and uses CLI
      Positive comment almost 2 years ago

      • Mac
      • Windows
      • Linux
      • Online
      • Android
      • iPhone
      • Android Tablet
      • iPad
      A web based platform that lets you view, analyze, and share packet capture files in a browser. Works in Safari for iPad and iPhone.
      Most users think CloudShark is a great alternative to Wireshark.


      • Free, Proprietary
      • Mac
      • Windows
      • Linux
      • Android
      • iPhone
      • Android Tablet
      • BSD
      • iPad
      Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. The main purpose is to recover *interesting* data from the network stream and perform different kinds of MiTM attacks.

      Discontinued

      App unavailable on Play Store and website is flagged by modern browsers as potentially malicious.

      Warning

      Website blocked by modern browsers as possible trojan.

      Most users think Intercepter-NG is a great alternative to Wireshark.
      • Free, Open Source
      • Linux
      • Xfce
      NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded.
      • Free, Open Source
      • Mac
      • Windows
      • Linux
      Ettercap is a suite for man-in-the-middle attacks on a LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
      Most users think Ettercap is a great alternative to Wireshark.


    1. Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce. With a little Lua cherry on top.
      • Free, Open Source
      • Windows
      • Linux
      Ethereal® is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

      Discontinued

    2. PacketSled is next generation network forensics and breach detection. Continuously monitor for advanced threats and policy violations missed by other defenses, then analyze and remediate in record time.
      • Free, Proprietary
      • Mac
      • Windows
      • Linux
      • BSD
      Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols).
    3. Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes.