# Wireshark
> GUI network protocol analyzer for capturing and inspecting packet-level traffic

**Category:** [[categories/explore-network-interactions-monitoring|Explore Network Interactions > Monitoring]] | **Tier:** Rich (FOR610)
**Docs:** [https://docs.remnux.org/discover-the-tools/explore+network+interactions/monitoring](https://docs.remnux.org/discover-the-tools/explore+network+interactions/monitoring)

## Usage
```bash
wireshark
wireshark -r capture.pcap
```

## Workflows
- [[workflows/behavioral-analysis-workflow|Behavioral Analysis]] — Step 3: Monitoring Setup
- [[workflows/network-interception-workflow|Network Traffic Interception]] — Step 4: Packet Capture

## Related Tools
- [[tools/burp-suite-community-edition|Burp Suite Community Edition]] — Investigate website interactions using this web proxy.
- [[tools/cs-parse-traffic|cs-parse-traffic.py]] — Decrypt and parse Cobalt Strike beacon network traffic using
- [[tools/mitmproxy|mitmproxy]] — Interactive HTTPS proxy for intercepting, inspecting, and mo
- [[tools/network-miner-free-edition|Network Miner Free Edition]] — Examine network traffic and carve PCAP capture files.
- [[tools/ngrep|ngrep]] — Search network traffic for patterns — like grep for packets

## FOR610
**Labs:** 1.2, 1.3, 1.6, 1.7, 1.8, 5.1
**Sections:** 1, 5

#packet-capture #protocol-analysis #network