Linux Command Line tool for sniffing HTTP traffic: httpry

Linux Command Line tool for sniffing HTTP traffic: httpry

For some reason, you need to sniff the HTTP site traffic (such as HTTP requests and responses ). For example, you may be testing the experimental function of a web server, or you are troubleshooting a web application or RESTful service, or you are) troubleshooting or searching for malware downloaded from a website. For whatever reason, HTTP traffic sniffing is helpful for system management, developers, and even end users.

The packet sniffing tool tcpdump is widely used to export real-time data packets. However, you need to set filter rules to capture HTTP traffic. Even its original output cannot be conveniently parked at the HTTP protocol layer. Real-time web server log parser such as ngxtop can provide readable real-time web traffic tracking traces, but this is only applicable to scenarios where the live web server logs can be fully accessed.

Ngxtop: monitors Nginx in real time

It would be nice to have a tcpdump-like Packet sniffing tool that only captures HTTP traffic. In fact, httpry is the HTTP packet sniffing tool. Httpry captures HTTP data packets and lists the data at the HTTP protocol layer in readable form. This article explains how to use httpry to sniff HTTP traffic.

Install httpry on Linux

Based on the Debian system (Ubuntu or LinuxMint), there is no httpry installation package in the basic repository. (You can directly install the package in the repository ). So we need to install it through the source code:

1. $ Sudo apt-get install gcc make git libpcap0.8-dev
2. $ Git clone https://github.com/jbittel/httpry.git
3. $ Cd httpry
4. $ Make
5. $ Sudo make install

In the Fedora, CentOS, or RHEL system, run the following yum command to install httpry. On CentOS/RHEL systems, enable yum to access EPEL repo before running.

1. $ Sudo yum install httpry

If you still want to install httpry using the RPM system source code, you can follow these steps:

1. $ Sudo yum install gcc make git libpcap-devel
2. $ Git clone https://github.com/jbittel/httpry.git
3. $ Cd httpry
4. $ Make
5. $ Sudo make install

Basic httpry usage

The basic usage of httpry is as follows:

1. $ Sudo httpry-I <network-interface>

Httpry listens to the specified network interface and displays the captured HTTP Request/response in real time.

In most cases, the screen is flushed quickly due to too many packets sent and received, which is difficult to analyze. At this time, you must want to save the captured data packets for offline analysis. You can use the 'B' or '-O' option to save data packets. The '-B' option saves the data packet as a binary file, so that you can use the httpry software to open the file for browsing. On the other hand, the '-O' option saves the data as a readable character file.

Save the file in binary format:

1. $ Sudo httpry-I eth0-B output. dump

Browse the saved HTTP packet file:

1. $ Httpry-r output. dump

Note that you can use the '-R' option to read data files without the root user permission.

Save httpry data as a character file:

1. $ Sudo httpry-I eth0-o output.txt

For more details, please continue to read the highlights on the next page:

1 2 Next Page