LCF-AT Posted September 12, 2019

Hi guys,

just have another small question about monitoring tools. I am still looking for any tool that can monitor the whole traffic from the computer to the internet (not only the browser), similar to Wireshark, just simpler. On the internet I found different tools. I have tested some of them and see that they only capture the HTTP protocol and not HTTPS, like the tools from this site:

http://www.nirsoft.net/network_tools.html

...many helpful and simple, usable tools but no HTTPS support. Does anyone know some similar simple tools that support HTTPS, where I can check request & response headers? No matter if WinInet / Windows Socket etc. functions are used.

greetz

whoknows Posted September 12, 2019 (edited September 12, 2019)

https://www.charlesproxy.com/
https://www.telerik.com/fiddler

NeWOT Posted September 13, 2019

damn so you can unpack themida but you can't search?

Teddy Rogers Posted September 13, 2019

There is nothing wrong with posting asking for recommendations for suitable tools. Some people here may have useful advice and tips to share about a particular tool. We can't all be proficient in everything...

Ted.

Progman Posted September 13, 2019

Windows API monitoring tools might also be suitable for this purpose. Since you are dealing with HTTPS, F12 in the web browser is the simplest for me usually.

Kurapica Posted September 13, 2019

@LCF-AT : I recommend this https://www.httpdebugger.com/

Loki Posted September 13, 2019

Do these tools act as a network level sniffer like Wireshark, or more like a proxy? Fairly sure it's the latter, which is a different ask (capturing everything vs capturing stuff from an app you have set to go through a proxy).

Xyl2k Posted September 13, 2019

Telerik Fiddler or ZAP proxy is what you need. For HTTPS you need to forge a certificate to get traffic in 'clear'; both Fiddler and ZAP proxy can do that. Otherwise you can also install pfsense on a VM and add a squid proxy package, then redirect everything to it.

That's what I do on some of my machines: all my network cards are deactivated on Windows and all my internet traffic is sent into my pfsense VM. I also have a Debian in a secondary VM that runs and saves all syslog; it acts as a 'log vault', and every app on Windows that wants to 'internet' has its own user/pass for the squid proxy. It took a bit of time to install all of this and maintain it, but it makes log reading easier, and I also have a whitelist with filterdns and pfBlockerNG.

It's a very paranoid setup but it works well, and in case of attack I guess I'm gonna have enough data to see what has gone wrong and how.
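
An added example, not part of the post above and not Xyl2k's own code: with one proxy username per application, Squid's native access.log can be grouped by user and checked against a per-app whitelist. The log lines, usernames and whitelist below are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in Squid's native access.log format:
# time elapsed client code/status bytes method URL user hierarchy type
# Without TLS interception, HTTPS shows up only as CONNECT host:port.
SAMPLE_LOG = """\
1568367000.101     45 192.168.1.10 TCP_TUNNEL/200 5120 CONNECT www.example.com:443 app_browser HIER_DIRECT/203.0.113.10 -
1568367001.220     12 192.168.1.10 TCP_MISS/200 812 GET http://updates.example.org/check?v=2 app_updater HIER_DIRECT/203.0.113.20 text/plain
1568367002.734      3 192.168.1.10 TCP_TUNNEL/200 9044 CONNECT telemetry.example.net:443 app_updater HIER_DIRECT/203.0.113.30 -
1568367003.050      0 192.168.1.10 TCP_DENIED/407 3950 CONNECT unknown.example.net:443 - HIER_NONE/- text/html
"""

# Hypothetical per-application whitelist, keyed by the proxy username.
ALLOWED = {
    "app_browser": {"www.example.com"},
    "app_updater": {"updates.example.org"},
}

def target_host(method, url):
    """CONNECT carries host:port; other methods carry an absolute URL."""
    if method == "CONNECT":
        return url.rsplit(":", 1)[0].lower()
    return (urlsplit(url).hostname or "").lower()

def parse(line):
    f = line.split()
    if len(f) < 10:
        return None  # not a complete native-format record
    action, _, status = f[3].partition("/")
    return {"ts": float(f[0]), "action": action, "status": int(status),
            "method": f[5], "host": target_host(f[5], f[6]), "user": f[7]}

def review(log_text, allowed=ALLOWED):
    """Return (hosts seen per user, list of findings)."""
    seen, findings = defaultdict(set), []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        if rec["user"] == "-":  # request arrived without proxy credentials
            findings.append(("unauthenticated", rec["user"], rec["host"]))
            continue
        seen[rec["user"]].add(rec["host"])
        if rec["host"] not in allowed.get(rec["user"], set()):
            findings.append(("not_allowlisted", rec["user"], rec["host"]))
    return dict(seen), findings

if __name__ == "__main__":
    for kind, user, host in review(SAMPLE_LOG)[1]:
        print(f"{kind:16} {user:12} {host}")
```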

Kurapica Posted September 13, 2019

@Loki HTTP debugger is able to intercept and modify traffic too. I think it's decent for seeing what happens in the background with an easy to use GUI.

I'm not promoting it, but it saved me much time when I was testing some activation process via HTTP in the background.

Xyl2k Posted September 13, 2019

I wouldn't recommend HTTP debugger, HTTP Analyzer, and all those similar paid software when you have freeware like Fiddler, etc. that have the same features. You can also put a 'breakpoint' like HTTP debugger with Fiddler, to modify HTTP requests on the fly or 'repeat' them.

Loki Posted September 13, 2019

7 hours ago, Kurapica said:
> @Loki HTTP debugger is able to intercept and modify traffic too. I think it's decent for seeing what happens in the background with an easy to use GUI.
> I'm not promoting it, but it saved me much time when I was testing some activation process via HTTP in the background.

Nice one. I generally use Fiddler but have seen stuff bypass it too and could only capture via Wireshark, hence the question. Not tried HTTP debugger though.

LCF-AT Posted September 13, 2019 (Author)

Hi guys,

thanks for your answers so far.

1.) As I said, I am looking for a tool that can capture the whole incoming / outgoing traffic from my PC (Windows Socket / WinInet / etc., all), not just my browser.

2.) It should support HTTPS capturing = logging sent / received request / response header data. A certificate must be used / set up for this to decrypt.

Those are the basic features I am looking for. So the Fiddler tool can't do that; also it doesn't support Windows Socket functions to log running apps on my PC, only WinInet works.

greetz

Xyl2k Posted September 14, 2019

install pfsense then

Leila.Morar48 Posted October 8, 2019

HTTP Analyzer PRO