Welcome to Laser Pointer Forums - discuss green laser pointers, blue laser pointers, and all types of lasers


Pooldemon² HTTP packet sniffer - coded in C++

c0ldshadow

LPF Founder / Admin
Staff member
LPF Site Supporter
Joined
Mar 17, 2006
Messages
2,863
Points
113
i decided to code up this HTTP packet sniffer in C++



you can download it here:

DeepTide Security - Software



goals i was trying to accomplish:
1) make it easy to know when HTTP traffic is occurring (the systray icon blinks red to alert you when it detects HTTP POST/GET requests). it's cool being able to catch stuff in the background, especially when u know u aren't browsing
2) malware analysis (sometimes malware disables or interferes with popular packet capture tools, so this is an alternative for situations like that).


if u find any bugs / etc please report them to me

peace
-c0ld
 





Joined
Jul 25, 2013
Messages
25
Points
0
Is this tool still available? I've checked both sites' download areas, to no avail.

I'd like to try to see how this works as an alternative to WireShark/ngrep for capturing SOAP calls (done over HTTP put/get/delete/post requests with a slightly special header).

Basically, I'm using a tool called ngrep to capture the packets currently with a BASH shell script that wrangles the output into the bits relevant to me. All I'm doing is basically debugging a piece of code that sends SOAP calls back and forth.

Anyway, sorry to hijack your thread! If you still have it available, I'd love to play with it - particularly if it's as lightweight as I think it might be. Wireshark is a hog!
 

ped

0
Joined
Nov 25, 2008
Messages
4,889
Points
113
Send a PM to c0ldshadow. He may not be subscribed to this thread and thus unaware of your post.
 

Zom-B

0
Joined
Mar 25, 2008
Messages
895
Points
28
There's a Firefox addon called Live HTTP Headers, that even lets you create and modify data you send.
 

c0ldshadow

hey, i discontinued that tool

u might want to check out Fiddler if looking for something similar

peace
-ave
 
Joined
Jul 25, 2013
Messages
25
Points
0
Thanks for the replies - I didn't realize that it was discontinued. Sorry for necroing!
 

c0ldshadow

it's ok LOL no worries

i don't code as much as i used to (just Perl stuff and occasionally some C++ still)

mainly write Botnet C&C / exploit kit IDS rules now

my w0rk is at :

Security Engineer - IDS / IPS Custom Rules

happy coding
peace
-ave
 