Autopsy Digital Forensics vs. Wireshark

Autopsy Digital Forensics is great for image investigation, just do a copy of the image, load it up and do the investigation. In the hands of DFIR specialist this software can do wonders in revealing various of pieces of information from an image. Software is easy to use and even a novice could use it without much trouble (assuming he has the knowledge of what to search for).

I don't know of any other tool that works as well as Wireshark for packet capture an inspection. It's extremely easy to get up and running, and even with little to no knowledge of how to use the tool, you can be looking at all the traffic coming off a network interface.

Incentivized

• Easy to use UI
• Fast compared to competitors
• Ability to use modules and plugins
• Portable
• Just does the job

• Light-weight software - Does not require high end specifications; also runs smoothly on Legacy systems
• Filter function - Lets you filter you packets from thousands to tens so as to find your target much easily
• Simultaneous capturing on all the network adapters - You can capture packets from all the Network Interface Cards (NIC's) at once.

• None - this software is amazing.

• A more user-friendly interface would be nice, but then again it is not really designed for those who are not quite comfortable with this type of software.
• Changes to functionality on updates - this can sometimes happen unexpectedly and can be an annoyance.
• More powerful data processing would be welcomed

Incentivized

It's very simple and easy to use, although individuals not used to managing and administering networks would take some time to get familiar with it. Once they have mastered use of the application, it's easy to stay knowledgeable about it, iteration after iteration. It is well supported online through an open-source community network of professionals who are helpful in imparting knowledge and in providing assistance.

Incentivized

I don't believe Wireshark has "true" support as the software is open source. However, there is an active & friendly community around Wireshark that are more than happy to help answer questions. From a comprehensive Wiki and FAQ section on the site to the Ask a Question forum and bug tracker section, there's plenty of support options to make sure your questions and issues are addressed.

Incentivized

Simple and easy setup.

Incentivized

Autopsy was easier to use, I liked the UI more and it just felt better.

Wireshark is a free tool that came highly recommended by one of our former network security consultants. Using the tool he was able to resolve all of our higher tier network tickets, so we observed first hand why we needed to add Wireshark into our toolset. We received in-depth instruction and training scenarios that demonstrated the effectiveness and power of the product, so we didn't spend any time reviewing competing products.

Incentivized

• Easies forensic investigations
• Has great training platform
• Has a free version

• Identifying bugs in the network has never been smooth and near-perfect.
• Wireshark has made sure our equipment and software is working properly via analyzing network data.
• Analysis of IP packets and Sip call flaws has saved us a lot of time and confident result.

Incentivized