During recent work, you sometimes need to capture the source address and target URL. It feels good to use several tools.
The first one is wsockexpert made in China. In the past, most people used Internet vulnerabilities. Easy to access, common functions. However, its own DLL files are easily considered to be deleted by Trojans. Suitable for analysis submitted by specific programs.
The second is httpwatch. A packet capture program embedded in IE. The post header and return value are clearly displayed. It is more suitable for analysis of the entire web site data.
The third is httpanalyzerstdv2, which is my favorite packet capture tool. There are two forms. One mode is similar to httpwatch and can be nested with IE. The other mode is an independent EXE, which can capture all Web requests, including the requests from the EXE to the Web, which has a lot of utility. Sometimes it can also be used to determine whether the EXE may be a Trojan (although the probability is small). Another way is to use it to capture packets from some injection tools. Compared with wsockexpert, you can easily capture data at each commit. This makes it easier to analyze the SQL statements used by the original SQL Injection tools such as nbsi and ad on functions such as validation and column directory.
Wsockexpert official website address:
Http://www.dxqsoft.com/we/index.htm
Httpwatch official website address:
Http://www.httpwatch.com/
Httpanalyzerstdv2 official website address:
Http://www.ieinspector.com/