How to capture HTTP traffic with NGREP in Ubuntu

Article updated on Thursday, 11 December 2014

How to capture HTTP traffic with NGREP in Ubuntu

Ngrep is a tool that allow us to capture HTTP traffic. Root permissions are needed to use it and install it.

To install Ngrep

sudo apt-get install ngrep

Capture traffic maintaining natural lines in eth0 port 80 (HTTP)

ngrep -W byline -d eth0 port 80

Same as previous with data capture besides data storage in a file

ngrep -W byline -d eth0 port 80 -O myfile.txt

Capture traffic maintaining natural lines in eth0 port 80 (HTTP) but show only the get requests

sudo ngrep -W byline -d eth0 GET port 80

Notes

Can be used for SIP, AGI and other protocols.