9
GitHub - six-ddc/httpflow: A command line utility helps to capture and dump HTTP...
source link: https://github.com/six-ddc/httpflow
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
httpflow
Installation
MacOs
brew update brew install httpflow
Linux
## On CentOS yum update yum install libpcap-devel zlib-devel pcre-devel ## On Ubuntu / Debian apt-get update apt-get install libpcap-dev zlib1g-dev libpcre3 libpcre3-dev
- Building httpflow
> git clone https://github.com/six-ddc/httpflow > cd httpflow && make && make install
or directly download Release binary file.
Usage
libpcap version libpcap version 1.9.1
httpflow version 0.0.9
Usage: httpflow [-i interface | -r pcap-file] [-u url-filter] [-w output-path] [expression]
-i interface Listen on interface, This is same as tcpdump 'interface'
-r pcap-file Read packets from file (which was created by tcpdump with the -w option)
Standard input is used if file is '-'
-u url-filter Matches which urls will be dumped
-w output-path Write the http request and response to a specific directory
expression Selects which packets will be dumped, The format is the same as tcpdump's 'expression' argument
If filter expression is given, only packets for which expression is 'true' will be dumped
For the expression syntax, see pcap-filter(7)
For more information, see https://github.com/six-ddc/httpflow
- Capture default interface
> httpflow
- Capture all interfaces
> httpflow -i any
- Use the expression to filter the capture results
# If no expression is given, all packets on the net will be dumped. # For the expression syntax, see pcap-filter(7). > httpflow host host httpbin.org or host baidu.com
- Use the regexp to filter request urls
> httpflow -u '/user/[0-9]+'
- Read packets from pcap-file
# tcpdump -w a.cap > httpflow -r a.cap
- Read packets from input
> tcpdump -w - | httpflow -r -
- Write the HTTP request and response to directory
/tmp/http
> httpflow -w /tmp/http
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK