Decrypting HTTPS traffic

In Web and Internet development you are unable to see what is being sent and received between your web browser / client and the server. Without this visibility it is difficult and time-consuming to determine exactly where the fault is.

While there are a lot of proprietary SSL Proxy products available in the market. I have tested a product named Charles Proxy and found it to be a great Product. While Charles is not open source you can try the product for 30 days for free and make you a decision of purchase, If you often want to sniff HTTPS traffic as part of your job or development I would say its worth a buy.


Download: https://www.charlesproxy.com/download/


Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers.


▒ Explanation of Charles using Windows:


Here you can see the contents of my blog


Now let's decrypt!


#1) Help >> SSL Proxying >> Install Charles Root Certificate;

#2) Install Certificate;

#3) Local Machine;

#4) Choose repository;

#5) 2nd option (Trust Root Certification)


#6) Clear the current session;


#7) Proxy >> SSL Proxying Settings;

#8) Enable SSL Proxying;

#9) Click on Add at "include" option;

#10) Type * on host and OK.


#11) Clear the current session;

#12) Open website that you install the certification and see the magic:


So there are numerous possibilities and scenarios you can fulfil with this and perform high-level network and application debugging with this. In fact. Charles proxy can even be used for Mobile App Debugging and to sniff HTTPS traffic between Mobile App and to the Server.


gif

19 views0 comments

Recent Posts

See All

Malicious executables often attempt to hide their behavior and evade detection. By doing so, they present anomalies and suspicious patterns. Pestudio is a free tool that allows you to perform an initi

Do you want to build by yourself a LAN server right on your Windows computer? Here you have some steps to do it works. #1) Go to openspeedtest.com; #2) Click on DOWNLOAD link; #3) Download and install

This is a simple way to share files over the internet using command line on Windows OS with no file size limit. To share file quickly with everyone I use NGROK. You only need to download the free vers