Learning Network Capture

Network Capture

What? Network / packet capture is a computer networking term for intercepting a data packet that is moving over a computer network. Once a packet is captured, it can be analyzed to help diagnose and solve network problems.

Why not just use the Network tab in the browser’s development tools? It is a good start, but it becomes cumbersome if we always have to open a new tab that persists logs.

Network Capture with Chrome extension

Chrome provides a network sniffer extension that can be added.

Pros: easy to install.  Good basic capture but only shows request / response headers.

Cons: doesn’t show request params.

Network Capture with Burp Suite

What? Burp Suite is a tool for security testing web apps.  It can also be used to capture network traffic.
Penetration testing write up. Wikipedia page.

Network capture with tcpdump

tcpdump is a packet analyser that runs from the command line.

# tcpdump capture all data of packets on localhost port 8018
sudo tcpdump -nnvvXSs 1514 -i lo 'port 8018'
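
An added example, not part of the original page: the -X flag in the command above prints every packet as a hex and ASCII dump, which is where the request params that the Chrome extension leaves out can be found. This Python code rebuilds the packet bytes from that dump and extracts the HTTP request line and query parameters. The sample packet, the /a?id=7&q=x request and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample: `tcpdump -X` output for one loopback packet to port 8018.
SAMPLE = """\
12:00:00.000001 IP 127.0.0.1.54321 > 127.0.0.1.8018: Flags [P.], seq 1:29, ack 1, win 65535, length 28
    0x0000:  4500 0044 1c46 4000 4006 206c 7f00 0001  E..D.F@.@..l....
    0x0010:  7f00 0001 d431 1f52 0000 0001 0000 0001  .....1.R........
    0x0020:  5018 ffff 0000 0000 4745 5420 2f61 3f69  P.......GET./a?i
    0x0030:  643d 3726 713d 7820 4854 5450 2f31 2e31  d=7&q=x.HTTP/1.1
    0x0040:  0d0a 0d0a                                ....
"""

HEX_LINE = re.compile(r"^\s*0x([0-9a-f]{4}):\s+(.*)$")

def packets_from_dump(text):
    """Rebuild raw packet bytes from the hex column of `tcpdump -X` output."""
    packets = []
    for line in text.splitlines():
        m = HEX_LINE.match(line)
        if not m:
            continue  # summary line, not part of the hex dump
        if int(m.group(1), 16) == 0 or not packets:
            packets.append(bytearray())  # offset 0x0000 starts a new packet
        # The hex column ends at the first run of two or more spaces.
        hex_col = re.split(r"\s{2,}", m.group(2), maxsplit=1)[0]
        packets[-1] += bytes.fromhex(hex_col.replace(" ", ""))
    return [bytes(p) for p in packets]

def http_request_params(pkt):
    """Return (method, path, params, truncated) for an IPv4/TCP HTTP request, else None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None  # not IPv4 carrying TCP
    ihl = (pkt[0] & 0x0F) * 4  # IP header length in bytes
    if len(pkt) < ihl + 20:
        return None  # TCP header was cut off
    total_len = int.from_bytes(pkt[2:4], "big")
    data_off = (pkt[ihl + 12] >> 4) * 4  # TCP header length in bytes
    payload = pkt[ihl + data_off:total_len]
    truncated = len(pkt) < total_len  # snap length (-s) shorter than the packet
    request_line = payload.split(b"\r\n", 1)[0].decode("latin-1")
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None  # e.g. TLS data or a later segment of the same request
    url = urlsplit(parts[1])
    return parts[0], url.path, parse_qs(url.query, keep_blank_values=True), truncated

if __name__ == "__main__":
    print([http_request_params(p) for p in packets_from_dump(SAMPLE)])
```

The truncated field is True when the captured bytes are fewer than the IP total length, which is what happens if the snap length given with -s is smaller than the packet.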