tomfanning/gist:306a639a8bffbd0cfdf3

Created September 25, 2015 10:58

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/tomfanning/306a639a8bffbd0cfdf3.js"></script>
Save tomfanning/306a639a8bffbd0cfdf3 to your computer and use it in GitHub Desktop.

Download ZIP

One liner for dumping HTTP request / response headers

Raw

gistfile1.txt

tcpdump -A -s 10240 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | egrep --line-buffered "^........(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " | sed -r 's/^........(GET |HTTP\/|POST |HEAD )/\n\1/g'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment