tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
Wireshark Alternatives for Linux
There are many alternatives to Wireshark for Linux if you are looking for a replacement. The best Linux alternative is tcpdump, which is both free and Open Source. If that doesn't suit you, our users have ranked more than 50 alternatives to Wireshark and many of them are available for Linux so hopefully you can find a suitable replacement. Other interesting Linux alternatives to Wireshark are Intercepter-NG, NetworkMiner, Proxyman and Ettercap.
filter to find the best alternatives
Wireshark alternatives are mainly Network Monitors, but if you're looking for Network Analyzers or HTTP(S) Debuggers you can filter on that. Other popular filters include Android, iPhone, Mac, Linux, Open Source, iPhone + Network Monitoring and iPhone + Network Analyzer. You can also filter by region, for example EU-based alternatives if you prefer software developed in the European Union. These are just examples - use the filter bar below to find more specific alternatives to Wireshark.
Alternatives list
29 tcpdump alternatives
Intercepter-NG is a multifunctional network toolkit for various types of IT specialists.
Cost / License
- Free
- Proprietary
Application types
Alerts
- Discontinued
- Warning
Platforms
- Mac
- Windows
- Linux
- Android
- iPhone
- Android Tablet
- BSD
- iPad
39 NetworkMiner alternativesNetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can extract transmitted files and certificates from PCAP files containing HTTP, FTP, SMB, SMB2, TFTP and several other protocols.
+3
59 Proxyman alternativesProxyman is a high-performance macOS app, which enables developers to view HTTP/HTTPS requests from apps and domains. Available on macOS, iOS, Windows & Linux.
+2
Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce.
Cost / License
- Free
- Open Source
Platforms
- Mac
- Windows
- Linux
Mojo Packets™ is web based tool that simplifies trace based analysis and troubleshooting of connectivity/performance issues observed in Wi-Fi (IEEE 802.11) environments.
Cost / License
- Free
- Proprietary
Platforms
- Mac
- Windows
- Linux
- Online
- Wireshark
+9
- 26 Nethogs alternatives
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.
Cost / License
- Free
- Open Source
Platforms
- Linux
- Xfce
N 
Ostinato is a network packet and traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. It features custom packet crafting with editing of any field for several protocols: Ethernet, 802.
Cost / License
- Paid
- Proprietary
Platforms
- Mac
- Windows
- Linux
The Network Diagnostic Tool (NDT) is a client/server program that provides network configuration and performance testing to a users desktop or laptop computer. The system is composed of a client program (command line or java applet) and a pair of server programs (a webserver...
N
Sweden
EU
United States
Netherlands
India
It's open source and use CLI