Packet Sniffers

Recommended Sniffing Software For 2017

Home / Hacker Tools / Top Ten / Packet Sniffers

What Is This Resource?
The first time I spoke about Packet Sniffing to my business partner he thought I was being a pervert…

No, alas, packet sniffing is all about being able to detect and in many cases manipulate the packets that are flowing in and out of a network. The tools and software that we are listing on this page we hope will be of use to you in your quest to improve your Cybersecurity skills!

The tools that we list here vary with usage but what we’ve done is tried to list as many genuinely useful packer sniffer tools that we have used in the past.

Quick Links (Tools Listed In This Resource):

To submit a tool please click here or for further information on the range of hacking tools and software that we list please follow this link.

Last Updated: September 23rd, 2017

Cain & Abel

Cain & Abel Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

Cain & Abel

Tool Category: Packet Sniffers

Cost of Tool: Free


What is Cain and Abel Hacking Tool?
Cain and Abel is a one of the most popular tool used for password recovery. It can recover various kinds of passwords by using methods such brute force attacks, cryptanalysis attacks and one of the most used which is the dictionary attack. This tool is maintained by Sean Babcock and Massimiliano Montor.

Is Cain and Abel Hacking Tool Free?
Yes! It is one of the most used and popular free hacking tool found on the internet.

Does Cain and Abel Hacking Tool Work on all Operating Systems?
Unfortunately, Cain and Abel is only available for Windows Operating Systems.

What are the Typical Uses for Cain and Abel Hacking Tool?
There are a lot of uses for Cain and Abel and this includes cracking of WEP and ability to crack LM & NTLM hashes, NTLMv2 hashes, Microsoft Cache hases, Microsoft Windows PWL files Cisco IOS – MD5 hashes and many more, speeding up packet capture speed via wireless packet injection, record VoIP conversations, decoding of scramble passwords, traceroute, hashes Calculation, dumping of Protected storage passwords, ARP spoofing, Network Password Sniffer, LSA secret dumper and IP to Mac Address resolver.

dsniff

dsniff Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

dsniff

Tool Category: Packet Sniffers

Cost of Tool: Free


What is dSniff?
dSniff is a network traffic analysis and password sniffing tool created by Dug Song to parse various application protocols and extract relevant data. dsniff, mailsnarf, filesnarf, msgsnarf, urlsnarf and webspy monitors a network for interesting information like emails, passwords and files while macof, dnsspoof and macof help in the interception of network traffic that is normally unvailable to the attacker.

Is dSniff Free?
Yes, use of this tool is free.

Does dSniff Work on all Operating Systems?
dSniff works on Linux, Windows and MAC OS X Operating systems.

What are the Typical Uses for dSniff?
The use of this tool is to sniff usernames, passwords, email contents and webpages visited. As the name implies, dsniff is a network sniffer but can also be used to disrupt behavior of normal switched networks and can cause network traffic from other hosts on the same network. It handles protocols like FTP, Telnet, LDAP, IMAP, NNTP, POP, OSPF, NFS, VRRP, Citrix ICA, Rlogin and many more.

EtherApe

EtherApe Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

EtherApe

Tool Category: Packet Sniffers

Cost of Tool: Free


What is Etherape?
Etherape is a Graphical Network Monitor that is modeled after etherman. It features an IP, TCP and link layer modes that displays network activity graphically. Links and hosts change in size with traffic. It also has a color coded protocols displays. This tool supports Hardware and Protocols such as FDDI, Ethernet, ISDN, Token Ring, SLIP, PPP and WLAN devices plus a lot of encapsulation formats. EtherApe can filter traffic to be shown and can read packets coming from a file as well as life from the network. Node statistics can also be exported.

Is Etherape Free?
Yes, Etherape is free to use.

Does Etherape Work on all Operating Systems?
Etherape works on Linux and MAC OS X operating systems.

What are the Typical Uses for Etherape?
Etherape is primarily used to track several types of network traffic.

Ettercap

Ettercap Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

Ettercap

Tool Category: Packet Sniffers

Cost of Tool: Free


What is Ettercap?
Ettercap is an open source network security tool made for man in the middle attacks on local area networks. It works by ARP poisoning the computer systems and putting a network interface into promiscuous mode. Thereby it can unlease several attacks on its victims. It also has a plugin support so features can be extended by putting new plugins.

Is Ettercap Free?
Ethercap is free and can be downloaded through their website which can be found here https://ettercap.github.io/ettercap/

Does Ettercap Work on all Operating Systems?
It works on several operating systems including Windows, MAC OS X and Linux.

What are the Typical Uses for Ettercap?
Ettercap is used to content filtering on the fly, sniff live connection and many more. It is also used for security auding and computer network protocol analysis. It has the capability to intercept traffic on a network segment, conduct active eavesdropping against common protocols and also used to capture passwords.

inSSIDer

inSSIDer Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

inSSIDer

Tool Category: Packet Sniffers

Cost of Tool: Free


What is Inssider?
Inssider is a wireless network scanner and was designed to overcome limitation of another tool which is NetStumbler. Inssider can track signal strength over time, open wireless access points and save logs with GPS records.

Is Inssider Free?
This is now a pay to use application.

Does Inssider Work on all Operating Systems?
It can be used on both Windows and Apple operating systems.

What are the Typical Uses for Inssider?
There are several uses for Inssider. It can collect data from wireless card and software. Assist with selecting the best wireless channel available. Render useful Wi-Fi network information such as SSID, MAC, vendor, data rate, signal strength, and security. Show graphs that signal strength over time. Shows which Wi-Fi network channels overlap. It also offers GPS support and data can be exported as Netstumbler (.ns1) files.

KisMAC

KisMAC Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

KisMAC

Tool Category: Packet Sniffers

Cost of Tool: Free


What is Kismac?
KisMAC is a wireless network discovery hacking tool. Eventhough the codebase is different, this popular wireless stumbler provides several of the features of its namesake Kismet. This tool offers a beautiful GUI and was around even before Kismet was ported to MAC OX X. It also offers mapping, looging and Pcap-format import.

Is Kismac Free?
Yes, the use of this product is free.

Does Kismac Work on all Operating Systems?
No, this hacking tool is exclusively for Mac OS X.

What are the Typical Uses for Kismac?
KisMAC has many uses that are all very similar to, and drew influence from – Kismet (which is the Linux/ BSD version of this hacking tool). This software helps network cybersecurity professionals and is shipped under GNU General Public License regulations. KisMAC scans for networks passively on supported wireless cards – including Apple’s AirPort, and AirPort Extreme, and many third-party cards, and indeed on any other card that is supported by Apple Mac. Cracking of WEP and WPA keys, both by brute force, and exploiting flaws such as weak scheduling and poorly generated keys is supported when a card capable of monitor mode is used, and packet reinjection can be done with a supported card (Prism2 and some Ralink cards). GPS mapping can be performed when an NMEA compatible GPS receiver is attached.

Kismet

Kismet Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

Kismet

Tool Category: Packet Sniffers

Cost of Tool: Free


What is Kismet?
Kismet is a packet sniffer, network detector and intrusion detection system for 802.11 wireless local area networks. This tool will work with other wireless card that supports raw monitoring mode and can also sniff 802.11a, 802.11b, 802.11g and 802.11n traffic.

Is Kismet Free?
Kismet is free for use.

Does Kismet Work on all Operating Systems?
The tool work on different systems including Linux, FreeBSD, OpenBSD, NetBSD and MAC OS X. It can also run on Microsoft windows.

What are the Typical Uses for Kismet?
Kismet is used in a number of open source and commercial projects. For an inexpensive wireless intrusion detection system, it can be used with other packages. It has also been used in a number of peer reviewed studies.

NetStumbler

NetStumbler Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

NetStumbler

Tool Category: Packet Sniffers

Cost of Tool: Free


What is NetStumbler?
Netstumbler is one of the well-known Windows tool for finding open wireless access points. They also distributed a WinCE version created for PDAs and named it MiniStumbler. Netstumbler uses a more active approach in finding WAPs than other tools. The last time we checked NetStumbler didn’t seem to have been updated – but we could be wrong! If we are please go ahead and drop a comment below – we and our community would really appreciate it.

Is NetStumbler Free?
Yes, this tool is free but no source code is provided.

Does NetStumbler Work on all Operating Systems?
Netstumbler is a Windows-only tool.

What are the Typical Uses for NetStumbler?
Netstumbler is commonly used for Wardriving. Finding locations with poor coverage in WLAN. Verifying network configurations. Helps in detecting causes of wireless inteference. Detects unauthorized access points and aiming directional antennas for long-haul WLAN links.

NetworkMiner

NetworkMiner Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

NetworkMiner

Tool Category: Packet Sniffers

Cost of Tool: Free


What is NetworkMiner?
Network Miner is created by Netresec – a cyber security software vendor. Netresec specialize in software and programs for network forensics and analysis of network traffic. Obviously, as a security professional, understanding what is happening on your network is half of the battle. NetworkMiner ships in a free and paid version, which we highly recommend since it is always beneficial to start with a ‘free’ version before migrating to the supported commerical version if you are happy with this network security tool.

Is NetworkMiner Free?
NetworkMiner ships in a free and paid version, which we highly recommend since it is always beneficial to start with a ‘free’ version before migrating to the supported commerical version if you are happy with this network security tool.

Does NetworkMiner Work on all Operating Systems?
NetworkMiner is a Network Forensic Analysis tool designed for Microsoft Windows.

What are the Typical Uses for NetworkMiner?
NetworkMiner is used as a passive network sniffer or packet capturing tool in order to detect various sessions, hostnames, open ports, operating systems and vice versa without putting any traffic on the network. It is also use to parse pcap files for analysis offline and be able to reassemble transmitted data files and certificated from pcap files. The display on NetworkMiner focuses on the hosts and attributes rather raw packets.

Ngrep

Ngrep Resources: Books, Courses & Software



Professional Cybersecurity Courses | Free Training

Ngrep

Tool Category: Packet Sniffers

Cost of Tool: Free


What is Ngrep?
This tool – ngrep – (which is a concatenation of ‘Network Grep’) is a network packet analyzer that works within the command line, and is reliant on the pcap library and the GNU regex library. ngrep is similar to tcpdump, but it offers more in that it will show the ‘regular expression’ in the payload of a packet, and also demonstrate the matching packets on a screen or console. The end result is that the user (typically a penetration tester or network security engineer) will see all unencrypted traffic being passed over the network. You need to put the network interface into promiscuous mode in order for this to work.

Is Ngrep Free?
Downloading and using of Ngrep is free.

Does Ngrep Work on all Operating Systems?
It works on operating systems running Linux, Windows and MAC OS X.

What are the Typical Uses for Ngrep?
Ngrep is used to store traffic on the wire and store pcap dump files and read files generated by tools like tcpdump or wireshark.

[continued from top of page]