Wireshark: is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originaily named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues. Wireshark is very similar to topdump, but has a graphical front-end, plus some integrated sorting and filtering options. Wireshark can be used in forensics investigation either to monitor an active traffic or read a stored one Wireshark can be used in Penetration testing to sniff passwords, bluetooth,GSM,and VOIP traffic.