If you divide web traffic from top to bottom into layers of--xmlhttprequest, HTTP layer, TCP layer, these tools can be used to analyze the communication data of each layer separately, which is very powerful in combination.
2008/12/31: In addition, you can refer to Daniel Classmate's Web development tools commonly used in the article, I believe it will greatly help Oh.
XMLHttpRequest Layer: Firebug
Applicable scope |
Ajax Applications |
Advantages |
Easy to use, complete data interception |
Disadvantages |
can only parse XMLHttpRequest requests, other types of requests are powerless |
Firebug should be known to all. Its console monitors the XMLHttpRequest request and sees the full request and response data. It's best to debug Ajax programs with it.
HTTP layer: Tamper Data
Applicable scope |
Plain web, AJAX applications, Flash |
Advantages |
Easy to use, wide range of applications, any HTTP request can intercept |
Disadvantages |
can only intercept the request header, the request content, the reply head, does not get the reply content, relates the document downloading time limit to reduce greatly |
Tamper Data than Firebug into a step, as long as the HTTP request, it can be grabbed down, but unfortunately not see the answer content. Applies to profiling request processes, request parameters, request data, and redirect URLs. For non-AJAX programs such as ordinary Web pages, Flash, ActiveX and other programs, using tamper data to analyze very convenient.
HTTP layer: Burpsuite
Applicable scope |
Plain web, AJAX applications, Flash |
Advantages |
Wide range of applications, interception of data integrity, do not pick the network card |
Disadvantages |
Use a little bit of trouble |
The proxy function in burpsuite is useful for analyzing web communications. Its principle is to set up a proxy server, so that the browser through the agent to send requests, agents can intercept data.
Use the method:
- Configure proxy, and then set the browser to use its proxy
- Visit the Web page that you want to crawl
- The request content is seen in the proxy of the Burp suite, where the request can be analyzed in detail.
- If you want to continue analysis of the answer, you can right-click on the request content, select Send To Repeater
- Switch to the Repeater tab, click the "Go" button to send the request, and you can see the answer below
TCP Layer: Wireshark
Applicable scope |
Any network program |
Advantages |
Wide range of applications, complete interception of data |
Disadvantages |
Use trouble; Cannot use loopback network card |
If none of the above methods work, it is necessary to sacrifice the ultimate weapon Wireshark(formerly known as Ethereal). It starts at the bottom of the network and can intercept any type of network traffic, not just the HTTP protocol. For example, to develop a mail program, you need to analyze server-side scripts and POP3 server communication between, it must be wireshark.
How to use:
- Select the crawl physical network card in the Wireshark;
- Ask the application to send a request;
- Stopping the crawl in the Wireshark;
- From the captured bag list to find out just the request from the application, right click Select Follow TCP Stream, you can see the full content of the request.
The disadvantage of this tool is that it cannot crawl the loopback network card, that is to say, if your program is connected to a server located in localhost or 127.0.0.1, then Wireshark will not be able to catch it. The solution is to have the program use a real physical network card to connect to another machine, or a virtual card with a virtual machine.