netpeek
ssldump
netpeek | ssldump | |
---|---|---|
2 | 2 | |
57 | 228 | |
- | - | |
10.0 | 7.5 | |
over 2 years ago | 7 days ago | |
Go | C | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
netpeek
-
Application Traffic with eBPF
Isn't this how tcpdump/ngrep/gopacket work? For parsing the HTTP protocol, I find netpeek effective
[1] https://github.com/darshanime/netpeek
-
Tracing HTTP Requests with Tcpflow
There is also netpeek[1] which has better filtering capabilities and UX overall. It supports ngrep like bpf filters which we found useful.
1: https://github.com/darshanime/netpeek
ssldump
-
Tracing HTTP Requests with Tcpflow
I recall seeing a thread somewhere saying tcpflow would not add this capability and they point people to ssldump [1][2] and even that has some limitations.
[1] - https://github.com/adulau/ssldump
[2] - https://linux.die.net/man/1/ssldump
- Ssldump v1.3 – Many bugs fixed including memory leaks and a new JSON export
What are some alternatives?
tcpflow - TCP/IP packet demultiplexer. Download from:
ecapture - Capture SSL/TLS text content without a CA certificate using eBPF. This tool is compatible with Linux/Android x86_64/aarch64.
haproxy - HAProxy Load Balancer's development branch (mirror of git.haproxy.org)
lsquic - LiteSpeed QUIC and HTTP/3 Library
wolfssl - The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!
SoftEther - Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.
Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
tls-scan - An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
tlspuffin - A Dolev-Yao-model-guided fuzzer for TLS