But often, this mode is more useful for penetration testing a product and less during a CTF. This mode of wireshark is more useful for network based challenges where we need to intercept the traffic between our box and a challenge server. The initial screen shows the interfaces which are detected by wireshark, each of which can be configured to intercept packages. I will provide a high level overview of the UI here. The UI of Wireshark is intuitive and easy to get used to. On Windows and MacOS the official website provides the required binaries for installation. This is the preferred Linux distro for pen-testing and other security usages. Most of the Kali Linux distributions already have Wireshark pre-installed in them. # In CentOS linux distros # Install dependencies # Install package sudo apt install wireshark # In Ubuntu linux distros # Add repository sudo add-apt-repository universe