Wireshark
GnomKiller, 2015-08-06 19:06:33

How to analyze traffic on the fly?

There is a small amount of traffic (HTTP/HTTPS), I emphasize small: literally 1 request in 20 seconds.
You need to get a request/response link.
Is it possible to do this with TSHARK?
Latency doesn't play a big role. Thus, the question boils down to how to make TSHARK collect HTTP packets. The result will be processed programmatically.

Also, a question about HTTPS: in the GUI there is the ability to specify a log of session keys, but how do I do this in TSHARK?

I forgot to write: the OS is Windows. It is possible to switch to another HTTP sniffer; the main thing is that it can decrypt HTTPS traffic (if there is a log of session keys) and that its output can be parsed, or that it has an API.


1 answer(s)
Andrew, 2015-08-06
@OLS

It seems to me that squid with the sslbump option (for reading HTTPS) and ICAP (actually for analyzing / modifying traffic) is suitable for you.
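
For the tshark route the question asks about, here is an added example (not part of the original thread) that starts tshark with a TLS session key log and pairs each response with its request on the fly. It assumes HTTP/1.x traffic and a key log in the NSS format written via `SSLKEYLOGFILE`; the script arguments and the sample lines are constructed for illustration.

```python
import subprocess
import sys

# Fields requested from tshark, in output order (-T fields prints them tab-separated).
FIELDS = ["frame.number", "http.request.method", "http.request.full_uri",
          "http.response.code", "http.request_in"]

def tshark_cmd(interface, keylog_path):
    """Build the tshark argument list; both arguments are caller-supplied."""
    cmd = ["tshark", "-i", interface, "-l",         # -l: flush stdout after each packet
           "-o", "tls.keylog_file:" + keylog_path,  # "ssl.keylog_file" before Wireshark 3.0
           "-Y", "http", "-T", "fields", "-E", "separator=/t"]
    for field in FIELDS:
        cmd += ["-e", field]
    return cmd

def pair_exchanges(lines):
    """Yield (method, uri, status) as soon as the response to a request is seen.

    In a single live pass only the response knows its request (http.request_in),
    so requests are held by frame number until their response arrives."""
    pending = {}
    for line in lines:
        cols = line.rstrip("\r\n").split("\t")
        cols += [""] * (len(FIELDS) - len(cols))    # pad if trailing fields are missing
        frame, method, uri, status, req_in = cols[:len(FIELDS)]
        if method:                                  # request frame
            pending[frame] = (method, uri)
        elif status:                                # response frame
            method, uri = pending.pop(req_in, ("?", "?"))  # "?" if request not captured
            yield method, uri, status

# Constructed sample of tshark field output (not a real capture).
SAMPLE = [
    "12\tGET\thttp://example.test/a\t\t\n",
    "15\tPOST\thttps://example.test/login\t\t\n",
    "19\t\t\t302\t15\n",
    "21\t\t\t200\t12\n",
    "30\t\t\t404\t\n",
]

if __name__ == "__main__":
    if len(sys.argv) == 3:                          # usage: script.py <interface> <keylog file>
        proc = subprocess.Popen(tshark_cmd(sys.argv[1], sys.argv[2]),
                                stdout=subprocess.PIPE, text=True)
        source = proc.stdout
    else:
        source = SAMPLE                             # offline demo on the constructed lines
    for exchange in pair_exchanges(source):
        print(*exchange, sep="\t", flush=True)
```

Interface names or numbers for `-i` can be listed with `tshark -D`.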
