Export PCAP containing decrypted traffic

NSS
Decrypt_SSL-TLS
pcap

asked 2022-05-19 05:40:14 +0000

u039b
1 ●1

Hi all!

I am working on PTS and for this project, I dump a SSL keylog directly from an Android device. This way, it is quite easy to use Wireshark and see the decrypted traffic. Everything works just fine.

But, most of network analysis tools such as Arkime do not support traffic decryption. So, my question is: given a SSL keylog and a PCAP, is there a way to generate a PCAP file containing the decrypted traffic?

Cheers!

edit retag flag offensive close merge delete

Comments

json2pcap might be a solution but didn't work in my testing. Issue opened here: Decrypted TLS packets

Chuckc ( 2022-05-19 15:36:16 +0000 )edit

add a comment

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account.

Export PCAP containing decrypted traffic

Comments

Be the first one to answer this question!

Question Tools

Stats

Related questions

Export PCAP containing decrypted traffic edit

Comments

Be the first one to answer this question!

Question Tools

Stats

Related questions

Export PCAP containing decrypted traffic