Wireshark Analyzer is a fantastic multi-platform open source network protocol analyzer. It can be used to check the analysis of data from the network host to survive, but also look to capture files from the disk. You can interactively browse the capture data, just capture details of the package, you need to analyze. Wireshark has some powerful features, including the ability to rich display filter language and view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. It includes a similar tcpdump named tshark the console version. Note that Wireshark emergence of a few dozens of remotely exploitable vulnerabilities, and thus needs to be updated to the latest version, and do not run in an insecure network environment.
Introduction Video: https://www.wireshark.org/video/wireshark/introduction-to-wireshark/
https://www.wireshark.org/video/wireshark/custom-shortcuts/
