Wireshark is a network protocol analyser. Wireshark is able to intercept packets transmitted over the network and compile statistics about network usage, allow the user to view content that is being accessed by other network users, and store usage information for offline access. This paper depicts the comparison of Wireshark, with one other similar tool, Network Miner, which is a Network Forensic Analysis Tool (NFAT), based on different parameters: graphical user interface (basic), packet information and traffic analysis. Network Miner can be used as a passive network sniffer/packet capturing tool and can parse PCAP files for off-line analysis.