Sniff traffic coming from one particular application?
14,695
Solution 1
Take a look at SocketSniff; it lets you examine connection activity for a specified program.
Solution 2
I prefer procmon http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx, and you get much more of what the app is doing as well.
Author by
Robus
Updated on September 18, 2022Comments
-
Robus over 1 year
Basically I'd like to sniff HTTP requests made by an .exe on Windows. I tried using wireshark, but it's somewhat unhandy since it sniffs all traffic on the interface. Are there any alternatives?
-
Synetech over 11 yearspossible duplicate of Capture traffic for specific application
-
-
Jerry Green over 3 yearsOk, I can see processes with it, but how do I see tcp queries?? Like, GET/POST requests, headers, etc. I filtered it by "TCP Send" and by "TCP Receive" but by opening each of that, I can only see date, PID, parent PID, timestamps when it ended, call stack, probably anything possible except the content itself! (paths, headers, arguments/values, like on a screenshot in accepted answer)
-
MDMoore313 about 3 years@JerryGreen you might want to use a tool more suited for the job, maybe procmon in addition to Wireshark maybe? You can see IP:Port info in procmon, and filter Wireshark traffic based on that, but Wireshark will give you a much better picture of what the traffic looks like imho.