Wireshark is already pre-installed on your Kali Linux operating system. To get started, perform the following steps:
- Navigate to Applications | 09 – Sniffing & Spoofing | wireshark.
- Once Wireshark is open, you'll be presented with the user interface as shown in the following screenshot:
- Wireshark will provide a list of all network interfaces and display a live summary graph of live network traffic passing through each network adapter. Double-clicking an interface will immediately start a live capture on the network interface card.
Enabling a capture on your local system will only display traffic flowing between your attacker machine and the remainder of the network. This means that Wireshark will only be able to intercept/sniff network traffic that is inbound to, and outbound from, your computer. That's not so handy, is it?
Let's take a look at creating a mirror of all network traffic from a network switch and sending it to our attacker machine.