Skip to content
This repository has been archived by the owner on Nov 10, 2017. It is now read-only.

kyleconroy/coiltap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

elastic.go

elastic.go

 
 

main.go

main.go

 
 

pcap.go

pcap.go

 
 

Repository files navigation

Coiltap

Coiltap uses libpcap to capture HTTP traffic to and from a local port, storing the results in ElasticSearch.

Usage

coiltap -p 80 -i eth0 http://localhost:9200/requests

Development

Coiltap doesn't currently work on Vagrant. I'm not sure, but something to do with the type of packets that are returned on localhost.

You'll need both Bison and Flex installed. On Ubuntu

sudo apt-get install yacc flex

Interface

// For non-encrypted traffic, use
c := SniffHTTP(int port)

// For encrypt traffic, use
c := SniffHTTPS(int port, certFile string, keyFile string)

select {
case p := <- c.Pairs:
  // The full HTTP request
  log.Println("%+v", p.Request)

  // The full HTTP response
  log.Println("%+v", p.Response)

  // Timing contains the following information
  // - Total
  // - Blocked
  // - DNSResolving
  // - Connecting
  // - Sending
  // - Waiting
  // - Receiving
  log.Println("%+v", p.Timing)
}

About

Use RAW sockets to capture HTTP traffic for analytics

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages