Avatar of meapledoo
meapledoo asked on

Linux HTTP Trace / Protocol Analysis

In Windows there are a number of tools that allow you to trace HTTP and HTTPS requests and responses  - viewing headers, POST data, etc.  One of my favorite tools for this is called HTTPAnalyzer.  

When using Linux it seems that my options are limited to either using Wireshark to capture port 80 traffic (which is limited because it is unable to decode HTTPS content) or using Firebug or LiveHTTPHeaders  inside of Firefox

Are there any applications for Linux that allow you to trace HTTP / HTTPS traffic?
File Sharing SoftwareLinux Networking

Avatar of undefined
Last Comment
meapledoo

8/22/2022 - Mon
nognew

Hello!
 perhaps tcpdump is quite useful utility.
Regards,
t.
ASKER
meapledoo

Hi nognew.

tcpdump has the same limitation as Wireshark.  I can trace packets and filter by port 80/443 but the HTTPS traffic cannot be decrypted for analysis.
nognew

i'm not really familiar with windows tools. How they allow you to decrypt https traffic? Are you providing them with certificate somehow?
t.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
nognew

I read about HTTPAnalyzer now and basically answered question I have asked above. You can set up wireshark to do the same. Although the procedure a might look a bit tricky.
Here are the step by step guide how to do that:
http://www.routerzone.eu/wiki/index.php/Using_Wireshark_to_Decrypt_SSL/TLS_Packet_Data

Regards,
t.
ASKER
meapledoo

Hi nognew,

That isn't an acceptable solution since you need to have the private key from the web server in order to decrypt the content.  HTTPAnalyzer and similar tools inspect the traffic within the winsock layer - after the decryption occurs.  I need a tool that does the same thing, which is why a network packet sniffer is not suitable for my needs.

Thanks.
nognew

correct, it seems you need a plugin for Firefox that can show you header etc.
How about Firebug?
I use it a lot to debug AJAX code. You can see packets in console mode.
https://addons.mozilla.org/en-US/firefox/addon/1843
Regards,
t.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
meapledoo

Thanks nognew.

I'm aware of Firebug and mentioned it in my question.  I need a standalone application that can capture and log HTTP/HTTPS traffic from any application, not just Firefox.  
ASKER CERTIFIED SOLUTION
nognew

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
meapledoo

Hi Nopius,

I'll agree with you that there is no available tool and will split the points between you and nognew.  Thanks for both of your time.

Oh - and the goal is most certainly not an illegal one and I'm offended by the accusation.  If you look at tools such as Firebug, HTTP Analyzer, etc - they trace HTTP and HTTPs interactions between the client and web server and allow a developer/analyst to inspect the traffic.  There is absolutely nothing illegal about that.   My goal was simply to find out whether such an application exists for a linux os.