Article updated on

How to capture HTTP traffic with NGREP in Ubuntu

Ngrep is a tool that allow us to capture HTTP traffic. Root permissions are needed to use it and install it.

 

To install Ngrep

sudo apt-get install ngrep

 

Capture traffic maintaining natural lines in eth0 port 80 (HTTP)

ngrep -W byline -d eth0 port 80

 

Same as previous with data capture besides data storage in a file

ngrep -W byline -d eth0 port 80 -O myfile.txt

 

Capture traffic maintaining natural lines in eth0 port 80 (HTTP) but show only the get requests

sudo ngrep -W byline -d eth0 GET port 80

 

Notes

  • Can be used for SIP, AGI and other protocols.