This is a very popular tool among both hackers and pen testers. Wireshark is famous for scanning networks. The tool captures data packets in a target network and displays them in a verbose, human-readable format. It allows hackers or pen testers to analyze network traffic in depth, down to the level of inspecting individual packets.
Wireshark works in two modes. The first one is the network-capturing mode. It can be left running on a victim's website for a long time while capturing all the network traffic. In the second mode, the network capturing has to be stopped in order to enable deep analysis. From here, a user of the tool can see the network traffic and start mining for insecurely exchanged passwords or determining the different devices on the network. This analysis is the most important functionality of the program. Wireshark has a Conversations feature under the Statistics menu that allows a user to view communication between computers.
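To make the second mode concrete, the following added example (not from the original text and not Wireshark's own code) reads a stopped capture in classic pcap format and builds the kind of per-pair packet and byte tally that the Conversations view presents. It also marks pairs that used a protocol known to carry credentials unencrypted, so a defender can see which services to replace. The function names, the port list and the sample capture are assumptions constructed for illustration.

```python
import struct

# Ports of protocols that carry credentials unencrypted (assumed audit list).
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http", 110: "pop3", 143: "imap"}

def make_frame(src, dst, sport, dport, payload):
    """Build a constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp

def make_pcap(frames):
    """Wrap frames in a classic little-endian pcap file (link type 1, Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def conversations(pcap):
    """Return {(addr_a, addr_b): [packets, bytes, cleartext protocols seen]}."""
    endian = "<" if pcap[:4] == b"\xd4\xc3\xb2\xa1" else ">"
    if len(pcap) < 24 or struct.unpack(endian + "I", pcap[:4])[0] != 0xA1B2C3D4:
        raise ValueError("not a classic pcap file")
    table, off = {}, 24
    while off + 16 <= len(pcap):
        _, _, incl, orig = struct.unpack(endian + "IIII", pcap[off:off + 16])
        pkt = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue  # skip anything that is not IPv4 over Ethernet
        src = ".".join(map(str, pkt[26:30]))
        dst = ".".join(map(str, pkt[30:34]))
        row = table.setdefault(tuple(sorted((src, dst))), [0, 0, set()])
        row[0] += 1
        row[1] += orig
        l4 = pkt[14 + (pkt[14] & 0x0F) * 4:]
        if pkt[23] == 6 and len(l4) >= 4:  # TCP: check both ports
            for port in struct.unpack("!HH", l4[:4]):
                if port in CLEARTEXT_PORTS:
                    row[2].add(CLEARTEXT_PORTS[port])
    return table

# Constructed sample capture: one Telnet exchange and one packet to port 443.
SAMPLE = make_pcap([
    make_frame("10.0.0.5", "10.0.0.9", 50000, 23, b"hello"),
    make_frame("10.0.0.9", "10.0.0.5", 23, 50000, b"ok"),
    make_frame("10.0.0.5", "10.0.0.7", 50001, 443, b"\x16\x03\x01"),
])
```

Calling `conversations(SAMPLE)` groups both directions of the Telnet exchange under one address pair and flags it, while the pair that only used port 443 carries no flag.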
Figure 6 shows a Wireshark interface with its separate sections and the type of information that they contain: