Must have in any security professional's toolbox
July 27, 2021

Must have in any security professional's toolbox

Chase Palmer, CISSP | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Wireshark

Wireshark is one of those tools that should be in every cyber security professional's toolbox. We use Wireshark for research and investigation. When reviewing a new software we will check the network traffic coming from applications to make sure that nothing strange is coming from or to the application.

We also set up various Capture the Flag challenges for recruiting purposes and use Wireshark to set up those challenges.
  • Network traffic inspection
  • Packet inspection
  • API testing/troubleshooting
  • Filters can be difficult to remember and formulate. A simple filter set or filter builder would be helpful.
  • Being able to see the network traffic happening on a device and from an application.
  • Being able to inspect the contents of packets.
  • We have a great tool to provide confidence in our application purchases.
  • We are able to inspect how our code is working when it is making network requests.
[Wireshark] is just the go-to application. It's the tool that is taught with in school and at trade conferences. We have not had a need to even look at other tools. It's free, it had a ton of functionality, and it just works without complaint.

Do you think Wireshark delivers good value for the price?

Yes

Are you happy with Wireshark's feature set?

Yes

Did Wireshark live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Wireshark go as expected?

Yes

Would you buy Wireshark again?

Yes

I don't know of any other tool that works as well as Wireshark for packet capture an inspection. It's extremely easy to get up and running, and even with little to no knowledge of how to use the tool, you can be looking at all the traffic coming off a network interface.