Export PCAP containing decrypted traffic
Hi all!
I am working on PTS and for this project, I dump a SSL keylog directly from an Android device. This way, it is quite easy to use Wireshark and see the decrypted traffic. Everything works just fine.
But, most of network analysis tools such as Arkime do not support traffic decryption. So, my question is: given a SSL keylog and a PCAP, is there a way to generate a PCAP file containing the decrypted traffic?
Cheers!
json2pcap
might be a solution but didn't work in my testing. Issue opened here: Decrypted TLS packets