Using Netwox to sniff data [Tutorial]

Lavesh pashte
3 min readDec 4, 2020

Hello guys welcome back ..

Today ill be showing you how to sniff data using Netwox which is awesome tool and has tons of functionalities out of which ill be showing or demonstrating you how to sniff traffic/data

In this ill be just sniffing some incoming data but in real life scenario one can actually do an arp spoof attack and get in middle of 2 devices and then sniff some confidential data.If you dont know arp-spoofing please checkout the link above

Netwox is a command line utility

for some tools netwox needs administrative or root privileges

soo lets start netwox

IN order to do sniffing we are going to select “d”

Again we are prompted with new output

Here we will choose options “a” to sniff

There are various parameters which can help us to narrow down our sniff traffic and get us the real important things/data

Here im going to use

netwox 7 -d eth0 -f “ host && port 80”

  • -d :specifies which interface to sniff on
  • -f:Is used for pcap filters

Im going to start apache service on our machine so that the port is listening

now im going to use my other windows machine to send a request to the client server[local machine/server]

for that i have applied 2 pcap filters

host && port 80:It will only sniff traffic coming from the host address and matching the mentioned port number

SYN packet

after sniffing ,the data is even represented with each packets that are transferred during tcp handshake

SYN ACK packet
ACK packet

This is really awesome

after that we see a get request from our windows machine

And this is the data being transferred

this tool provides so much specifications and detail

we can also store this into file using

netwox 7 -d eth0 -f “ host && port 80” -o output_file

And with the -R options we can also provide encoding type to use while storing into file

netwox 7 -d eth0 -f “ host && port 80” -o output_file -R “base64”

There other functionalities as well please try to do your own research on this tool..because im pretty sure this tool is very good for network administrator or sysadmin to have in their arsenal..For more details netwox

Thanks you guys this is it for today