HTTP sniffer is an application that monitors traffic data to and from a computer network link. It can be an independent software application or hardware device equipped with the relevant firmware and software. Sniffers exist in a variety of platforms including both commercial and open source versions. Some sniffers can only intercept data from TCP/IP protocols but the more complex ones even capture and decode data packets for the more secure SSL /HTTPS protocol that use asymmetric cryptography.
Sniffers come in a variety of forms and the major ones include online, proxy, and application sniffers.
Online sniffers are limited to basic analyzing of a particular webpage. You provide a link to check and they respond with the HTTP header and HTTP content of the requested page. Online sniffers can be used to quickly check the basic server settings and see the source code of the requested page.
Proxy sniffers monitor all traffic between internet applications, including your web browser and the web on a certain protocols like HTTP or FTP. These sniffers can only operate with applications configured to use proxy servers and unlike other sniffers, these may have an effect on the traffic. Proxy sniffers may decode SSL / HTTPS traffic, but developers need to install a special self-signed root certificate issued by proxy vendor. This certificate is needed to implement the Man-in-the-middle technique for decrypting SSL.
Application sniffers are the most powerful ones. They are standalone applications that work on a developer’s computer and have the ability to capture network traffic for all protocols. Some of them can even capture data packets from other computers in the same network. Application sniffers are not limited to Man-in-the-middle technique when decrypting the SSL / HTTPS traffic as proxy sniffers. Some may use API hooks for decoding SSL and don’t require root certificate to operate. But API hooks have limitted usage, for example, API hooks don't work with recent versions of Google Chrome or Opera. HTTP Debugger is an example of application sniffer. Versions prior to v5.0 were using API Hooks for decoding SSL while new versions use Man-in-the-middle technique.
Modern browsers provide some basic information about website traffic usage (for example for Google Chrome you can see this information on Network tab of Web Inspector). This information, though, is limited and not easy to analyze.
HTTP sniffers however, provide in depth information on every aspect of loading a webpage and/or any web resource including but not limited to built-in HTML, CSS, JS, JSON, XML syntax highlighters, JSON and XML tree structure viewers, built-in image viewers, automatic server error and performance bottlenecks detecting and even website structure tree viewer. With some sniffers you can modify and reply back modified HTTP requests to the web server to test it with various conditions in order to reproduce and fix website errors.
Some advanced sniffers can visualize your traffic in form of charts or diagrams and generate HTTP traffic reports.
Network and System Administrators use sniffers to monitor and troubleshoot the network traffic. For example, administrators may analyze the HTTP data packets sent by malware programs and identify the security risks, or to detect undesirable activities and maintain effective network data flow.
HTTP Debugger is an advanced HTTP sniffer written by developers for developers to provide all in depth information for debugging websites and Internet applications.