What is a common tool used for network traffic analysis?

Wireshark is a widely used tool for network traffic analysis due to its powerful capabilities and user-friendly interface. It allows users to capture and inspect data packets traveling across a network in real time. With Wireshark, users can analyze protocols, troubleshoot network issues, and identify malicious behavior by dissecting each packet's contents in detail.

The tool supports a wide range of protocols and provides various features such as filtering traffic, viewing packet details, and saving captured data for later analysis. This makes it particularly valuable for network administrators, security professionals, and anyone needing a deeper understanding of their network's activity.

While other options listed, such as Nmap and Metasploit, serve important roles in network scanning and penetration testing, respectively, they do not focus primarily on traffic analysis like Wireshark does. TCPDump, although effective for packet capturing and analysis in a command-line environment, lacks the comprehensive graphical representation and user-friendly features that Wireshark offers, making Wireshark the most common and accessible tool for network traffic analysis among professionals.