8

How can I (maybe with a proxy, but I need names of programs!?) log all my interactions of programs with my Internet connection, so that I could see WHAT a program is sending and WHAT it is receiving. (For example a program receives an XML Doc and I would like to read it.)

Also it would be very useful if I could modify every connection. For example programs trying to connect with: anyserver.amznsrv.com:4599, and I would like to redirect it to localhost or something like that.

S.L. Barth is on codidact.com
  • 5,524
  • 8
  • 40
  • 47
planIT
  • 375
  • 1
  • 3
  • 7
  • when you specify anyserver.amznsrv.com:4599, do you want to redirect only port 4599, or any connection to that server? And what OS are you using? – Tim Kennedy Nov 15 '11 at 16:05

3 Answers3

10

For tracking what is sent and received, you can use a packet sniffer. I use Wireshark (formerly Ethereal).

S.L. Barth is on codidact.com
  • 5,524
  • 8
  • 40
  • 47
8

If you're dealing with HTTP (and/or HTTPS) on Windows, Fiddler might help you there:

  • it hooks into Winsock, so it can tell you the program name
  • it will show you all HTTP(s) requests and responses passing through it
  • and it allows you to modify those, either manually or through scripts
Community
  • 1
Piskvor left the building
  • 1,654
  • 15
  • 14
7

Adding to @Piskvor answer - if you need to look at HTTP layer, you should be looking for a intercepting HTTP(s) proxy. There are several such proxies available, both free and commercial ones. If you're on Windows, Fiddler is a good choice. On other platforms you could try:

All of them will probably be right for the task you specified.

Krzysztof Kotowicz
  • 4,078
  • 21
  • 30
  • 1
    Can one of them modify the packets and resend them? – planIT Nov 15 '11 at 15:23
  • not really packets, these tools work in HTTP layer, so you can modify HTTP requests / responses. But yes, these tools are designed specifically for that purpose to be used by web application penetration testers. – Krzysztof Kotowicz Nov 15 '11 at 19:33