Alternative(s) to Fiddler or Wireshark?

#1

I want to know which software can show me connections to Google or whatever server a particular app is connecting to.

I was using Fiddler on my Linux computer before. It was good and it captures connections to Google. It also captured any connection to whatever website I visited on my browser.

However, Fiddler doesn’t work on certain software. Today, when I use it to capture connection from the PCloud app, it doesn’t work. The Fiddler app doesn’t show any connection in the window panel, despite the PCloud app really connect to the server and sync to my cloud storage.

I tried Wireshark, and it captured lots of connections made by an app on my PC. But all it returned were numbers. It takes time to analyze one by one of the connections.

Is there any easier tool than Wireshark?

#2

I would be interested if someone could answer this too. Though I do love command being really fast and efficient, I would be interested in a nice easy program as well. I DO have wireshark but honestly I find the command line programs easier lulz

There is a command-line packet sniffer designed to easily read and report HTTP requests being made that include the URL (and domain name) being accessed that I have installed, which is what I think you are looking for (if you’re okay with command-line) called httpry :smiley:

BUT I don’t know if it does HTTPS… i’ve never personally tried it with;
httpry ‘tcp port 80 or 8080 or 443’

rn i just do this:

#tcpdump '(dst port 80 or dst port 443 or dst port 8080 or tcp port 80 or tcp port 443 or tcp port 8080)

if i’m checking for ugh…spyware. I have other programs too for it, but they’re all generally the same. That command would show the connection HOSTNAMES which is what I’m guessing you are wanting as well :smiley: you can use the -n option with the program if you actually want IP addresses

Its sorta nice, I usually have one window with the command above running and another window with something just like:
#tcpdump

so it shows EVERYTHING like NTP requests, DNS and everything

iplookup.flagfox.net?ip= gives a nice easy overview of IP address if anyone chooses to check IPs :slight_smile:

ever wonder if your computer is sending out HTTP/HTTPS requests when you leave the house lulz. ya its not paranoia when its really happening lol. I’m on Void Linux ^^

but ya, anything better ?

1 Like
#3

I didn’t know that website before. At least it makes my life easier even though I use Wireshark. Here’s what I did:

  • Capture the packets with Wireshark.
  • Export packet dissections to a text file.
  • Analyze the IP number using that link. iplookup.flagfox.net?ip=
  • Press Ctrl+H (find and replace) and then delete the same IP that I already analyzed.
#4

net-mgmt/bandwhich on FreeBSD.

Compared to the imagery at https://github.com/imsnif/bandwhich#readme my first and second screenshots below are weird …

2021-02-21 03:18:49
2021-02-21 03:18:491920×1080 404 KB

image
image1920×1080 388 KB

… third and fourth appear fine:

2021-02-21 03:25:57
2021-02-21 03:25:573520×1080 586 KB

2021-02-21 03:27:04
2021-02-21 03:27:041920×1080 333 KB

At a glance, it’s as if there was ‘interference’ from a coincidental build of VirtualBox. I’ll seek advice from developers/maintainers.

1 Like
#5

thanks ^^

i’m going to try out bandwhich - i was just using tcpdump >_<