How to capture HTTP traffic with NGREP in Ubuntu
Ngrep is a tool that allow us to capture HTTP traffic. Root permissions are needed to use it and install it.
To install Ngrep
sudo apt-get install ngrep
Capture traffic maintaining natural lines in eth0 port 80 (HTTP)
ngrep -W byline -d eth0 port 80
Same as previous with data capture besides data storage in a file
ngrep -W byline -d eth0 port 80 -O myfile.txt
Capture traffic maintaining natural lines in eth0 port 80 (HTTP) but show only the get requests
sudo ngrep -W byline -d eth0 GET port 80
Notes
- Can be used for SIP, AGI and other protocols.