During a web application security assessment, it is not very common to analyze network traffic. However, sometimes there are applications that use some components not running on the common 80 or 443 ports, and open other ports and services.

Wireshark (https://www.wireshark.org/) is an open-source sniffer of network traffic that helps you to analyze the traffic generated in a network in raw mode. Usually, in bug bounty hunting, we will use it to analyze traffic between our localhost and the internet:

Wireshark, basically, can analyze any kind of protocol, and you can create flows to limit the scope and understand a specific behavior: