Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Announcing Wireshark 3.0.0

Save for later
  • 2 min read
  • 01 Mar 2019

article-image
Yesterday, Wireshark released its version 3.0.0 with new user interface improvements, bug fixes, new Npcap Windows Packet capturing driver and more.

Wireshark, the open source and cross-platform network protocol analysis software is used by security analysts, experts and developers for analysis, troubleshooting, development, and other security-related tasks to capture and browse the packets traffic on computer networks.

Features of Wireshark 3.0.0

  • The Windows .exe installers replaces WinPcap with Npcap. Npcap supports loopback capture and 802.11 WiFi monitor mode capture - only if supported by the NIC driver.

  • The "Map-Button" of the Endpoint dialog that was erased since Wireshark Version 2.6.0 has been added in a modernized form.

  • The macOS package ships with Qt 5.12.1 and the OS requires version 10.12 or later.

  • Initial support has been provided for using PKCS #11 tokens for RSA decryption in TLS. Configure this at Preferences, RSA Keys.

  • The new WireGuard dissector has decryption support and requires Libgcrypt 1.8 for the same.

  • You can now copy coloring rules, IO graphs, filter Buttons and protocol preference tables from other profiles using a button in the corresponding configuration dialogs.

  • Wireshark now supports Swedish, Ukrainian and Russian language.

  • Unlock access to the largest independent learning library in Tech for FREE!
    Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
    Renews at ₹800/month. Cancel anytime
  • A new dfilter function string() has been added which allows the conversion of non-string fields to strings. This enables string functions to be used on them.
  • The legacy (GTK+) user interface, the portaudio library are removed and no longer supported.

  • Wireshark requires Qt 5.2 or later, GLib 2.32 or later, GnuTLS 3.2 or later as optional dependency.

  • Building Wireshark requires Python 3.4 or a newer version.

  • Data following a TCP ZeroWindowProbe is not passed to subdissectors and is marked as retransmission.


Head over to Wireshark’s official blog for the entire list of upgraded features in this release.

Using statistical tools in Wireshark for packet analysis [Tutorial]
Wireshark for analyzing issues and malicious emails in POP, IMAP, and SMTP [Tutorial]
Analyzing enterprise application behavior with Wireshark 2