I've been working on this for a while - I am building a module which needs to capture HTTP/HTTPs traffic which goes from and to the host computer. My original language of choice is Java, and I'm able to do the following:
- Create a Proxy Server using LittleProxy
- Modify my browser settings to use the proxy that I've created
- Perform transactions on the browser so that my proxy can record them.
This works fine, except for the below problems:
- For someone using my app, this creates an additional manual overhead to manually set the proxy details on the browser (Though this can be done by code by changing browser settings and launching).
- My app can record only transactions from the specific browser that points to a proxy.
I would like to enhance this module in such a way that the user overheads are removed. Something like what Wireshark, Fiddler and LoadRunner (VuGen). My question is, how do they do it? Do they also run a proxy somewhere behind the scenes? Or do they sniff HTTP traffic from the network or OS or some other layer?
So to be precise, I have the following questions:
- Is creating a proxy the only way to capture HTTP requests?
- Can I track requests/responses from the OS level (without a proxy)? If yes, is Java good enough or should I lean towards .NET (C# or something)?
- If proxy is the only way, can I leverage Fiddler or Wireshark? Do they have APIs which I can incorporate into my code? (I havent' come across any in their documentations - probably I'm not looking hard enough)
Any information will help me with a direction. Please help!
Thanks, Sriram Sridharan
