- Feb 14, 2022
I am still new to WireShark. It appears great when analyzing information manually, but can it perform a moderately detailed analysis of captured traffic on its own and spit out a report of what it thinks is off? Can it not reference captured data against known (up-to-date) attacks, malicious sites, domains and/or detect spoofing, ARP/DNS cache poisoning? Are there plugins for that? If not, then are there alternatives that can do that?