| | ecapture | ssldump |
|---|---|---|
| Mentions | 11 | 3 |
| Stars | 13,551 | 241 |
| Growth | 1.6% | - |
| Activity | 9.1 | 6.8 |
| Last commit | 2 days ago | about 1 month ago |
| Language | C | C |
| License | Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ecapture
- Capturing SSL/TLS plaintext without a CA certificate using eBPF
- Ecapture: Capturing SSL/TLS plaintext without a CA certificate using eBPF
- Capture SSL/TLS text content without CA cert using eBPF. supports Linux/Android x86_64/Aarch64.
- eCapture: capture HTTPS traffic without CA certificates on Android/Linux using Golang.
  The answer is YES. eCapture for Android can help you capture HTTPS packets on Android without the trivial settings, and it also supports the Linux kernel.
- Go based eBPF projects
  eCapture: Capture SSL/TLS text content without CA certificate Using eBPF
- Kubeshark: The API Traffic Viewer for Kubernetes
  One option is to use eBPF uprobes to dump the key material or plaintext (https://github.com/ehids/ecapture). Should be easy for C-like TLS libraries, probably less useful for JIT languages.
- Can eBPF be used to measure and trace http 502 504
  Other standalone project is https://github.com/ehids/ecapture which might be helpful
- ecapture: capture SSL/TLS text content without CA cert using eBPF.
- Ecapture: Capture and Decode TLS with eBPF
- Capture SSL/TLS text content without CA cert by eBPF
ssldump
- Ssldump – (de-facto repository gathering patches around the cyberspace)
- Tracing HTTP Requests with Tcpflow
  I recall seeing a thread somewhere saying tcpflow would not add this capability and they point people to ssldump [1][2] and even that has some limitations.
  [1] - https://github.com/adulau/ssldump
  [2] - https://linux.die.net/man/1/ssldump
- Ssldump v1.3 – Many bugs fixed including memory leaks and a new JSON export
What are some alternatives?
sslsplit - Transparent SSL/TLS interception
haproxy - HAProxy Load Balancer's development branch (mirror of git.haproxy.org)
merecat - Small and made-easy HTTP/HTTPS server based on Jef Poskanzer's thttpd
lsquic - LiteSpeed QUIC and HTTP/3 Library
ssl-handshake - A command-line tool for testing SSL/TLS handshake latency, written in Go.
wolfssl - The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!
golang-tls - Simple Golang HTTPS/TLS Examples
tls-scan - An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
SoftEther - Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.
pixie - Instant Kubernetes-Native Application Observability
tlspuffin - A Dolev-Yao-model-guided fuzzer for TLS