{"id":25044,"date":"2022-06-07T11:52:57","date_gmt":"2022-06-07T11:52:57","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=25044"},"modified":"2022-06-07T11:53:00","modified_gmt":"2022-06-07T11:53:00","slug":"ecapture","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/ecapture\/","title":{"rendered":"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\">eCapture<strong> is a tool to capture SSL\/TLS text content without CA cert Using eBPF<\/strong>.<\/h3>\n\n\n\n<h2 class=\"has-text-align-center has-vivid-green-cyan-background-color has-background wp-block-heading\">How eCapture works<\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhyqHl3BxOoNkTlX0Bdgt5F7ceNM_kEZ5vU52rwVaXetgdvZq9FU4R467ZhGsy2OkTOArTVeRWnl1nwhjKk6otyC5Eg8XCnCpMKW0yV5OBsMlzcXfpIfBlMpT6LB78bZSCcOH45h_JO-AsZDha7a7glA8iYbDMNFgHM0Lo_k6vddKmdTss6CMTjnHgo\/s1333\/16.png\" alt=\"\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>SSL\/TLS text context capture, support openssl\\libressl\\boringssl\\gnutls\\nspr(nss) libraries.<\/li><li>bash audit, capture bash command for Host Security Audit.<\/li><li>mysql query SQL audit, support mysqld 5.6\\5.7\\8.0, and mariadDB.<\/li><\/ul>\n\n\n\n<h1 class=\"has-text-align-center has-vivid-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ehids\/ecapture#ecapture-architecure\"><\/a>eCapture Architecure<\/h1>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhdiqmWAKH3urE_DuRs_TcPpjh3IyA3uGxurega8lMJ_LHoOy5KZAdy72_KN2AsBECT-gbTkEqALzd0QQRE8VDEkxC3RhN1t5vZJ7dJVjGGrK9JMJmVskV0G2xpEO0C-ZicdVhwObkgt7sQbdwg-7s3D7okFnjk7caoZszp44h9eJrXujD_fpr8G9ek\/s1200\/ecapture-architecture.png\" alt=\"\" \/><\/figure>\n\n\n\n<h1 class=\"has-text-align-center has-vivid-green-cyan-background-color has-background wp-block-heading\">Getting started<\/h1>\n\n\n\n<h2 class=\"has-light-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ehids\/ecapture#use-elf-binary-file\"><\/a>use ELF binary file<\/h2>\n\n\n\n<p>Download ELF zip file&nbsp;release&nbsp;, unzip and use by command&nbsp;<code><strong>.\/ecapture --help<\/strong><\/code>.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Linux kernel version &gt;= 4.18<\/li><li>Enable BTF&nbsp;BPF Type Format (BTF)&nbsp;(Optional, 2022-04-17)<\/li><\/ul>\n\n\n\n<h3 class=\"has-text-align-center wp-block-heading\"><a href=\"https:\/\/github.com\/ehids\/ecapture#check-your-server-btf-config\"><\/a>check your server BTF config<\/h3>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>cfc4n@vm-server:~$# uname -r<br>4.18.0-305.3.1.el8.x86_64<br>cfc4n@vm-server:~$# cat \/boot\/config-<code>uname -r<\/code> | grep CONFIG_DEBUG_INFO_BTF<br>CONFIG_DEBUG_INFO_BTF=y<\/strong><\/p>\n\n\n\n<h3 class=\"has-text-align-center wp-block-heading\">tls command<\/h3>\n\n\n\n<p>capture tls text context. Step 1:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>.\/ecapture tls &#8211;hex<\/strong><\/p>\n\n\n\n<p>Step 2:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>curl https:\/\/github.com<\/strong><\/p>\n\n\n\n<h2 class=\"has-text-align-center wp-block-heading\">libressl&amp;boringssl<\/h2>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>for installed libressl, libssl.so.52 is the dynamic ssl lib<br>vm@vm-server:~$ ldd \/usr\/local\/bin\/openssl<br>linux-vdso.so.1 (0x00007ffc82985000)<br>libssl.so.52 =&gt; \/usr\/local\/lib\/libssl.so.52 (0x00007f1730f9f000)<br>libcrypto.so.49 =&gt; \/usr\/local\/lib\/libcrypto.so.49 (0x00007f1730d8a000)<br>libc.so.6 =&gt; \/lib\/x86_64-linux-gnu\/libc.so.6 (0x00007f1730b62000)<br>\/lib64\/ld-linux-x86-64.so.2 (0x00007f17310b2000)<br>use the libssl to config the libssl.so path<br>vm@vm-server:~$ sudo .\/ecapture tls &#8211;libssl=&#8221;\/usr\/local\/lib\/libssl.so.52&#8243; &#8211;hex<br>in another terminal, use the command, then type some string, watch the output of ecapture<br>vm@vm-server:~$ \/usr\/local\/bin\/openssl s_client -connect github.com:443<br>for installed boringssl, usage is the same<br>\/path\/to\/bin\/bssl s_client -connect github.com:443<\/strong><\/p>\n\n\n\n<h3 class=\"has-text-align-center wp-block-heading\">bash command<\/h3>\n\n\n\n<p>capture bash command.<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>ps -ef | grep foo<\/strong><\/p>\n\n\n\n<h2 class=\"has-light-green-cyan-background-color has-background wp-block-heading\">uprobe HOOK<\/h2>\n\n\n\n<h3 class=\"has-text-align-center wp-block-heading\"><a href=\"https:\/\/github.com\/ehids\/ecapture#openssllibresslboringssl-hook\"><\/a>openssl\\libressl\\boringssl hook<\/h3>\n\n\n\n<p>eCapture hook<strong><code>SSL_write<\/code>&nbsp;\\&nbsp;<code>SSL_read<\/code><\/strong>&nbsp;function of shared library&nbsp;<code><strong>\/lib\/x86_64-linux-gnu\/libssl.so.1.1<\/strong><\/code>. get text context, and send message to user space by&nbsp;eBPF maps.<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>Probes: []<em>manager.Probe{ { Section: &#8220;uprobe\/SSL_write&#8221;, EbpfFuncName: &#8220;probe_entry_SSL_write&#8221;, AttachToFuncName: &#8220;SSL_write&#8221;, \/\/UprobeOffset: 0x386B0, BinaryPath: &#8220;\/lib\/x86_64-linux-gnu\/libssl.so.1.1&#8221;, }, { Section: &#8220;uretprobe\/SSL_write&#8221;, EbpfFuncName: &#8220;probe_ret_SSL_write&#8221;, AttachToFuncName: &#8220;SSL_write&#8221;, \/\/UprobeOffset: 0x386B0, BinaryPath: &#8220;\/lib\/x86_64-linux-gnu\/libssl.so.1.1&#8221;, }, { Section: &#8220;uprobe\/SSL_read&#8221;, EbpfFuncName: &#8220;probe_entry_SSL_read&#8221;, AttachToFuncName: &#8220;SSL_read&#8221;, \/\/UprobeOffset: 0x38380, BinaryPath: &#8220;\/lib\/x86_64-linux-gnu\/libssl.so.1.1&#8221;, }, { Section: &#8220;uretprobe\/SSL_read&#8221;, EbpfFuncName: &#8220;probe_ret_SSL_read&#8221;, AttachToFuncName: &#8220;SSL_read&#8221;, \/\/UprobeOffset: 0x38380, BinaryPath: &#8220;\/lib\/x86_64-linux-gnu\/libssl.so.1.1&#8221;, }, \/<\/em>*\/<br>},<\/strong><\/p>\n\n\n\n<h3 class=\"has-text-align-center wp-block-heading\">bash readline.so hook<\/h3>\n\n\n\n<p>hook&nbsp;<code><strong>\/bin\/bash<\/strong><\/code>&nbsp;symbol name&nbsp;<code><strong>readline<\/strong><\/code>.<\/p>\n\n\n\n<h1 class=\"has-text-align-center has-vivid-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ehids\/ecapture#how-to-compile\"><\/a>How to compile<\/h1>\n\n\n\n<p>Linux Kernel: &gt;= 4.18.<\/p>\n\n\n\n<h2 class=\"has-light-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ehids\/ecapture#tools\"><\/a>Tools<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>golang 1.16<\/li><li>clang 9.0.0<\/li><li>cmake 3.18.4<\/li><li>clang backend: llvm 9.0.0<\/li><li>kernel config:CONFIG_DEBUG_INFO_BTF=y (Optional, 2022-04-17)<\/li><\/ul>\n\n\n\n<h2 class=\"has-light-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ehids\/ecapture#command\"><\/a>command<\/h2>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>git clone git@github.com:ehids\/ecapture.git<br>cd ecapture<br>make<br>bin\/ecapture &#8211;help<\/strong><\/p>\n\n\n\n<h2 class=\"has-light-green-cyan-background-color has-background wp-block-heading\">compile without BTF<\/h2>\n\n\n\n<p>eCapture support NO BTF with command&nbsp;<code><strong>make nocore<\/strong><\/code>&nbsp;to compile on 2022\/04\/17.<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>make nocore<br>bin\/ecapture &#8211;help<\/strong><\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-16018d1d wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-vivid-cyan-blue-background-color has-background\" href=\"https:\/\/github.com\/ehids\/ecapture\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>eCapture is a tool to capture SSL\/TLS text content without CA cert Using eBPF. How eCapture works SSL\/TLS text context capture, support openssl\\libressl\\boringssl\\gnutls\\nspr(nss) libraries. bash audit, capture bash command for Host Security Audit. mysql query SQL audit, support mysqld 5.6\\5.7\\8.0, and mariadDB. eCapture Architecure Getting started use ELF binary file Download ELF zip file&nbsp;release&nbsp;, unzip [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":25062,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[5249,5247,5248],"class_list":["post-25044","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-ebpf","tag-ecapture","tag-ssl-tls"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF<\/title>\n<meta name=\"description\" content=\"eCapture is a tool to capture SSL\/TLS text content without CA cert Using eBPF. SSL\/TLS text context capture, support openssllibressl.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/ecapture\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF\" \/>\n<meta property=\"og:description\" content=\"eCapture is a tool to capture SSL\/TLS text content without CA cert Using eBPF. SSL\/TLS text context capture, support openssllibressl.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/ecapture\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-07T11:52:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-06-07T11:53:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF\",\"datePublished\":\"2022-06-07T11:52:57+00:00\",\"dateModified\":\"2022-06-07T11:53:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/\"},\"wordCount\":449,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png\",\"keywords\":[\"eBPF\",\"Ecapture\",\"SSL\/TLS\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ecapture\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/\",\"name\":\"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png\",\"datePublished\":\"2022-06-07T11:52:57+00:00\",\"dateModified\":\"2022-06-07T11:53:00+00:00\",\"description\":\"eCapture is a tool to capture SSL\/TLS text content without CA cert Using eBPF. SSL\/TLS text context capture, support openssl\\\\libressl.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ecapture\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF","description":"eCapture is a tool to capture SSL\/TLS text content without CA cert Using eBPF. SSL\/TLS text context capture, support openssllibressl.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/ecapture\/","og_locale":"en_US","og_type":"article","og_title":"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF","og_description":"eCapture is a tool to capture SSL\/TLS text content without CA cert Using eBPF. SSL\/TLS text context capture, support openssllibressl.","og_url":"https:\/\/kalilinuxtutorials.com\/ecapture\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2022-06-07T11:52:57+00:00","article_modified_time":"2022-06-07T11:53:00+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF","datePublished":"2022-06-07T11:52:57+00:00","dateModified":"2022-06-07T11:53:00+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/"},"wordCount":449,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","keywords":["eBPF","Ecapture","SSL\/TLS"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/ecapture\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/","url":"https:\/\/kalilinuxtutorials.com\/ecapture\/","name":"Ecapture : Capture SSL\/TLS Text Content Without CA Cert By eBPF","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","datePublished":"2022-06-07T11:52:57+00:00","dateModified":"2022-06-07T11:53:00+00:00","description":"eCapture is a tool to capture SSL\/TLS text content without CA cert Using eBPF. SSL\/TLS text context capture, support openssl\\libressl.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/ecapture\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/ecapture\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGo_OXQ9aP_zO6kzl1T2gUtKx8mSfuuT-yUGAnB8kVGW2ell8GZ19cMVyvW7o4IHCP9Yihj5DmkBAa8z-vRQjW2LOEUJleLhkDHgUXkM_SGWdVYRdiMEPJBRQdlbsn8C5B-EJ8cyeW0rV82QxzoJD2juP3GAz4dCz5B58GSxk49K_zFieNG0UQHA6w\/s728\/ecapture-logo-400x400%20(1).png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":26487,"url":"https:\/\/kalilinuxtutorials.com\/peetch\/","url_meta":{"origin":25044,"position":0},"title":"Peetch\u00a0: An eBPF Playground","author":"R K","date":"August 22, 2022","format":false,"excerpt":"peetch\u00a0is a collection of tools aimed at experimenting with different aspects of eBPF to bypass TLS protocol protections. Currently, peetch includes two subcommands. The first called\u00a0dump\u00a0aims to sniff network traffic by associating information about the source process with each packet. The second called\u00a0tls\u00a0allows to identify processes using OpenSSL to extract\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgIw_UrY01UOQImtEy8bNJyBq1jPMXq3w_9BklG1vQbmRzsnuMSyWuQlARzDY7VTh-fLtMh_0qyx4TSAihLO_EscyiYtEB2hefdhMNztqBE78YK3F-DI_vlO6IRlLxeTyeqiigNDZydpRS4YS4lforN8jLvLd5BCbMzcqd5asFvoljog52YZRM_R6fr\/s728\/download%20%281%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgIw_UrY01UOQImtEy8bNJyBq1jPMXq3w_9BklG1vQbmRzsnuMSyWuQlARzDY7VTh-fLtMh_0qyx4TSAihLO_EscyiYtEB2hefdhMNztqBE78YK3F-DI_vlO6IRlLxeTyeqiigNDZydpRS4YS4lforN8jLvLd5BCbMzcqd5asFvoljog52YZRM_R6fr\/s728\/download%20%281%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgIw_UrY01UOQImtEy8bNJyBq1jPMXq3w_9BklG1vQbmRzsnuMSyWuQlARzDY7VTh-fLtMh_0qyx4TSAihLO_EscyiYtEB2hefdhMNztqBE78YK3F-DI_vlO6IRlLxeTyeqiigNDZydpRS4YS4lforN8jLvLd5BCbMzcqd5asFvoljog52YZRM_R6fr\/s728\/download%20%281%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgIw_UrY01UOQImtEy8bNJyBq1jPMXq3w_9BklG1vQbmRzsnuMSyWuQlARzDY7VTh-fLtMh_0qyx4TSAihLO_EscyiYtEB2hefdhMNztqBE78YK3F-DI_vlO6IRlLxeTyeqiigNDZydpRS4YS4lforN8jLvLd5BCbMzcqd5asFvoljog52YZRM_R6fr\/s728\/download%20%281%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":2351,"url":"https:\/\/kalilinuxtutorials.com\/waf-buster-disrupt-waf-by-abusing-ssl-tls-ciphers\/","url_meta":{"origin":25044,"position":1},"title":"WAF-Buster : Disrupt WAF by abusing SSL\/TLS Ciphers","author":"R K","date":"August 23, 2018","format":false,"excerpt":"WAF-buster tool was created to Analyze the ciphers that are supported by the Web application firewall being used at the web server end. It works by first triggering SslScan to look for all the supported ciphers during SSL\/TLS negotiation with the web server.After getting the text file of all the\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/08\/Usage.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/08\/Usage.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/08\/Usage.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":12281,"url":"https:\/\/kalilinuxtutorials.com\/http_bridge\/","url_meta":{"origin":25044,"position":2},"title":"HTTP_Bridge : Send TCP Stream Packets Over Simple HTTP Request","author":"R K","date":"March 16, 2021","format":false,"excerpt":"HTTP_Bridge is a tool used for compouned of two parts, the server and a client. Server The server is just a php file with some logic to keep a stateful connections using tcp sockets, and handle the incomming http requests; by now this logic only works over linux servers. I've\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6851,"url":"https:\/\/kalilinuxtutorials.com\/fatt-fingerprint-all-the-things\/","url_meta":{"origin":25044,"position":3},"title":"FATT -Fingerprint All The Things","author":"R K","date":"October 11, 2019","format":false,"excerpt":"FATT (fingerprintAllTheThings) is a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic. A script for extracting network metadata and fingerprints such as\u00a0JA3\u00a0and\u00a0HASSH\u00a0from packet capture files (pcap) or live network traffic. The main use-case is for monitoring honeypots, but you can also use\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":34761,"url":"https:\/\/kalilinuxtutorials.com\/leveraging-ebpf-for-advanced-kubernetes-monitoring\/","url_meta":{"origin":25044,"position":4},"title":"Leveraging eBPF For Advanced Kubernetes Monitoring","author":"Varshini","date":"September 9, 2024","format":false,"excerpt":"eBPF, or Extended Berkeley Packet Filter, is a technology that lets programs run in the Linux kernel. It was first made for filtering network packets, but now it's used for monitoring systems. eBPF programs can run in the kernel without changing the source code or adding new modules, which makes\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg-wNH7L3_gSkurl_9bP3NfBNssHuWYrMIB5LZXwXXKlqsXMGgzrBBnR20S6gVuS1Hi1b7KGSJUEJQqX_b9EcMVTDH-FQn6kMMrjQkfV42tGG47h3C_fsnQCWmdBI6x-Ua1OagxyjJO1cGiLm0rIAfWQXO71l44_u7c0gpryDBPELd4L0b0VCEkGcJDlLFN\/s16000\/DeadPotato%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg-wNH7L3_gSkurl_9bP3NfBNssHuWYrMIB5LZXwXXKlqsXMGgzrBBnR20S6gVuS1Hi1b7KGSJUEJQqX_b9EcMVTDH-FQn6kMMrjQkfV42tGG47h3C_fsnQCWmdBI6x-Ua1OagxyjJO1cGiLm0rIAfWQXO71l44_u7c0gpryDBPELd4L0b0VCEkGcJDlLFN\/s16000\/DeadPotato%20.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg-wNH7L3_gSkurl_9bP3NfBNssHuWYrMIB5LZXwXXKlqsXMGgzrBBnR20S6gVuS1Hi1b7KGSJUEJQqX_b9EcMVTDH-FQn6kMMrjQkfV42tGG47h3C_fsnQCWmdBI6x-Ua1OagxyjJO1cGiLm0rIAfWQXO71l44_u7c0gpryDBPELd4L0b0VCEkGcJDlLFN\/s16000\/DeadPotato%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg-wNH7L3_gSkurl_9bP3NfBNssHuWYrMIB5LZXwXXKlqsXMGgzrBBnR20S6gVuS1Hi1b7KGSJUEJQqX_b9EcMVTDH-FQn6kMMrjQkfV42tGG47h3C_fsnQCWmdBI6x-Ua1OagxyjJO1cGiLm0rIAfWQXO71l44_u7c0gpryDBPELd4L0b0VCEkGcJDlLFN\/s16000\/DeadPotato%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg-wNH7L3_gSkurl_9bP3NfBNssHuWYrMIB5LZXwXXKlqsXMGgzrBBnR20S6gVuS1Hi1b7KGSJUEJQqX_b9EcMVTDH-FQn6kMMrjQkfV42tGG47h3C_fsnQCWmdBI6x-Ua1OagxyjJO1cGiLm0rIAfWQXO71l44_u7c0gpryDBPELd4L0b0VCEkGcJDlLFN\/s16000\/DeadPotato%20.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg-wNH7L3_gSkurl_9bP3NfBNssHuWYrMIB5LZXwXXKlqsXMGgzrBBnR20S6gVuS1Hi1b7KGSJUEJQqX_b9EcMVTDH-FQn6kMMrjQkfV42tGG47h3C_fsnQCWmdBI6x-Ua1OagxyjJO1cGiLm0rIAfWQXO71l44_u7c0gpryDBPELd4L0b0VCEkGcJDlLFN\/s16000\/DeadPotato%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":25929,"url":"https:\/\/kalilinuxtutorials.com\/mitm_intercept\/","url_meta":{"origin":25044,"position":5},"title":"MITM_Intercept : A Little Bit Less Hackish Way To Intercept And Modify non-HTTP Protocols Through Burp And Others","author":"R K","date":"July 25, 2022","format":false,"excerpt":"MITM_Intercept is a little bit less hackish way to intercept and modify non-HTTP protocols through Burp and others with SSL and TLS interception support. This tool is for researchers and applicative penetration testers that perform thick clients security assesments. An improved version of the fantastic\u00a0mitm_relay\u00a0project. The Story As part of\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh259XKa2ZeVsxxk_SrjGxLL1vTczyQPQZM95OMdDwYUAQNSnsJbUNtF-vGE2jn0MHWlU0-eTaTt0gv9TlcW4pU7iqz2e8qOVXCXNcDy394CsO4vbPt3wIoQidKYOj32N3sPvzCIdmwmMlOWGCETxRcXl-hhcu9_Vb6m8UY86GcI4_-6UqXY_utx5tz\/s728\/MITM_Intercept_1-769093%20%282%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh259XKa2ZeVsxxk_SrjGxLL1vTczyQPQZM95OMdDwYUAQNSnsJbUNtF-vGE2jn0MHWlU0-eTaTt0gv9TlcW4pU7iqz2e8qOVXCXNcDy394CsO4vbPt3wIoQidKYOj32N3sPvzCIdmwmMlOWGCETxRcXl-hhcu9_Vb6m8UY86GcI4_-6UqXY_utx5tz\/s728\/MITM_Intercept_1-769093%20%282%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh259XKa2ZeVsxxk_SrjGxLL1vTczyQPQZM95OMdDwYUAQNSnsJbUNtF-vGE2jn0MHWlU0-eTaTt0gv9TlcW4pU7iqz2e8qOVXCXNcDy394CsO4vbPt3wIoQidKYOj32N3sPvzCIdmwmMlOWGCETxRcXl-hhcu9_Vb6m8UY86GcI4_-6UqXY_utx5tz\/s728\/MITM_Intercept_1-769093%20%282%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh259XKa2ZeVsxxk_SrjGxLL1vTczyQPQZM95OMdDwYUAQNSnsJbUNtF-vGE2jn0MHWlU0-eTaTt0gv9TlcW4pU7iqz2e8qOVXCXNcDy394CsO4vbPt3wIoQidKYOj32N3sPvzCIdmwmMlOWGCETxRcXl-hhcu9_Vb6m8UY86GcI4_-6UqXY_utx5tz\/s728\/MITM_Intercept_1-769093%20%282%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/25044","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=25044"}],"version-history":[{"count":16,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/25044\/revisions"}],"predecessor-version":[{"id":25364,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/25044\/revisions\/25364"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/25062"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=25044"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=25044"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=25044"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}