httpry is packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the traffic as it is parsed, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications.
What can you do with it? Here's a few ideas:
- See what users on your network are requesting online
- Check for proper server configuration (or improper, as the case may be)
- Research patterns in HTTP usage
- Watch for dangerous downloaded files
- Verify the enforcement of HTTP policy on your network
- Extract HTTP statistics out of saved capture files
This release brings substantial improvements to some existing features. IPv6 parsing can now follow extension headers that are present in the captured packets. Also, the rate statistics code has been substantially overhauled to handle an arbitrary number of hosts, along with a couple of additional switches for controlling behavior. Additionally, this release adds an optional switch to specify the PID filename, which is helpful when running multiple instances of httpry on the same box.
Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honey pot , could be used to service DHCP request , DNS requests or phishing attacks
To install simply run the following command in terminal after changing directory to the path were the downloaded package is:
root@host:~# dpkg -i Ghost-Phisher_1.2_all.deb
To get the source code for this project from SVN, here's the checkout link:
root@host:~# svn checkout http://ghost-phisher.googlecode.com/svn/Ghost-Phisher
FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to.
It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK)
It's kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!).
*** ROOTED PHONE *** is required. Please note that if webuser uses SSL this application won't work. This application due to its nature is very phone-dependant so please let me know if it won't work for You