TCPDUMP is a sniffer for Linux and other UNIX-like systems. It allows you to scan the local network, get detailed information about all connected devices and extract technical information about them. It has no graphical interface, works via the terminal, which in theory makes it possible to run it even on Android. It features open source code and the option to add third-party modules.

TCPDUMP features

Main functionalities:
  • displays all ports involved, and details on all network protocols used and which device (program) initiated the connection
  • intercepts packets (as PCAP containers)
  • previews PCAP containers.

The utility can use multiple network interfaces simultaneously (both Ethernet and wireless). Bypassing driver software limitations is supported.

Windows version

Officially TCPDUMP for Windows is not released. But there is a compiled module for Sniffer SDK which allows to run the sniffer through the command line or in the Power Shell interface. Also there is a WinPCAP application for Windows based on the TCPDUMP source code. There are a few Microsoft products that are available for Windows such as Wireshark.

How to use

Examples of commands for basic LAN scanning (as administrator, otherwise control of network interfaces is not available):
  • tcpdump -D - output available network cards;
  • tcpdump -i wlan1 - capture traffic from specified interface (for stopping process Ctrl+C key combination, for capturing from all interfaces at once parameter "any" is used);
  • tcpdump -v - filter for output information in terminal window.
For further analysis of captured packets, a SSL session key is required (if the traffic has been encrypted).

User scenarios

The most common uses for TCPDUMP are:
  • detect unauthorized connections to LAN, router;
  • detect traces of active virus software that sends private data to a remote server behind the scenes;
  • scans corporate network to identify non-work PC users;
  • general monitoring of network activity by network administrators.
Download TCPDUMP for free with the latest version at our site.

Program information
Title: Tcpdump
Size: 1.92 mb
Operating system: Windows
Latest version: 4.99.1
Developer: The Tcpdump team
reload, if the code cannot be seen
Download the same:
Wireshark (ver. 3.6.6)

Wireshark - wireless network traffic analyzer, scans and saves all packets transmitted in the network, possible to import and export for further work in other programs

Wifislax (ver. 3.1 (64bit), 4.12 (32 bit))

Wifislax is a powerful professional tool for auditing wireless network security, used by security specialists but also loved by hackers as it can help in hacking WiFi networks

CommView for WiFi

CommView for WiFi is a powerful express wireless network analyzer for the 802.11 a/b/g standard. Incredibly functional and powerful program designed to capture every network data packet transmitted.

Capsa Enterprise
Capsa Enterprise (ver. 13.0)

Colasoft Capsa is a powerful wireless and wired network analyzer that allows simple monitoring with great capabilities