Feeds

HTTPView can intercept from multiple sources at the same time. This behavior can be controlled with the "Feeds" settings screen.

Intercepting browser requests

In browsers such as Chrome and Firefox, HTTPView can intercept directly without the need to install proxies. Ensure that the SecApps Browser Extension is installed.

This is a built-in feature that can be accessed with the internal://extension feed URI which is available by default in HTTPView.

Getting Started

  1. Ensure the SecApps Browser Extension is installed.
  2. Open the "Feeds" configuration screen.
  3. Ensure you have a selected feed with URL pointing to internal://extension.
  4. Press the "Start Recording" button to capture traffic.

You can now open another browser tab and work as normal. All traffic from your browser will be intercepted and displayed in the tool.

Intercepting with Pown Apps

Pown Apps is a command-line interface for all SecApps tools. They are available as a 3rd-party module inside the PownJS security framework. With the apps you can launch HTTPView as a desktop tool with features that extend far beyond the browser capabilities, including the ability to start a local proxy.

You need to have Pown and Pown Apps installed in order to use this feature:

$ npm install -g pown
$ pown modules install @pown/apps

Start HTTPView with pown like so:

$ pown apps httpview

You will see the familiar HTTPView application but as a desktop window.

Getting Started

  1. Open the "Feeds" configuration screen.
  2. Ensure you have a selected feed with URL pointing to internal://extension?flavour=proxy&port=8080. The parameters flavour and port are important.
  3. Press the "Start Recording" button to capture traffic.

A proxy server with the designated port number will be started on your local machine. You can point your browser to it using your preferred way of setting proxy settings. You can also launch a dedicated browser instance using Pown itself.

$ pown cdb launch -t -P localhost:8080

Other Methods

HTTPView is a very versatile tool that allows different ways to capture and analyze HTTP traffic. Here are some of them.

Intercepting with proxies

A compatible proxy, such as Pown Proxy, can be configured as a source for HTTPView. This allows you to intercept HTTP requests and responses that pass through the proxy. The feed URI is provided by the proxy itself and must be set up in HTTPView.

Learn More

Intercepting raw packets

HTTPView can extract HTTP sessions from TCP captures produced from tools such as tcpdump and other sniffers. One such compatible sniffer is Pown Now. This feature can be used in situations where HTTP traffic needs to be captured from the wire. For example, you can actively intercept iOS applications without the need to configure proxy settings.

Learn More