Lifting Packets

Our mission is to build the best tools that can be - seriously! That is what we live by and that is what we aspire to every single day. This is why we are introducing a new tool in your arsenal that will help you dissect PCAP files and live sniffing sessions into nice HTTP transactions - effortlessly. Let us introduce you to pown - your personal assistant for lifting packets in da cloud.

Pown is tcpdump's hipster grandchild. The tool takes a PCAP session or a network interface (for live sniffing) and streams it on a WebSocket using a simple messaging format. What is the benefit, you may ask? Well, it upgrades your caveman hacker status to uber hacker status. You can do more things like a normal human being in better clients like your browser with tools such as HTTPView.

To demonstrate how useful this is, let's download some PCAP files from the hackeire repository. These packet files are horrendous to look at in Wireshark. So let's use pown to transcend them into HTTPView.

$ npm install pown -g

The -g flag is for global so that you can use the tool from everywhere. Now we need to read the files.

Now the file is available on a WebSocket served at ws://localhost:9090. Any client can access the packets and present them to the user à la Unix-philosophy style. One of the clients that can do this for you is HTTPView.

Open HTTPView with the fragment identifier #feedURI=ws://localhost:9090 like this

Voila! You don't have to be a caveman anymore. All HTTP transactions are nicely transcoded in a human-readable way so that you can properly investigate them with the whole gamut of security tools at secapps.com.

But the truly awesome thing about pown is that you don't have to stick to HTTPView. Surely it is a nice tool, but you can create one of your own. Or you can hook multiple tools to the same WebSocket channel so that you never have to miss an important moment that should have been captured otherwise - every pentester knows what I am talking about.

There you go. Caveman 0 - 1 Uberhax0r. We have prepared some more updates so stick around on our Twitter feed.