Q: sometimes the burpsuite/fiddler is used for man-in-the-middle testing, but wireshark cannot capture local data packets and cannot obtain false certificate information. How can we capture data packets that interact with the burpsuite/fiddler? Solution: 1. in linux, wireshark is used to capture packets. There is a special interface "lo". If it is selected, "127.0.0.1" is captured. 2. in windows grasp the local loop package, you can use RawCap this software, will catch the package opened with wireshark, you can continue to analyze the RawCap: http://www.netresec.com /? Page = RawCapRawCap User Guide: use the administrative authority to open a folder. Then, enter the rawcap.exe Directory. All network interfaces are displayed. Select the number of port 127.0.0.1 to capture the package of the local loop, press ctrl + c to end.
Local loop packet capture