As a tester, packet capturing is essential. Mainstream packet capturing tools include: Fiddler, Charles, Wireshark, etc. There are so many packet capturing tools on the market, each with its own advantages and disadvantages. It’s unnecessary to know them all; just find the one that suits you the best. How do you choose? Let’s analyze it for you below.
Principle of packet capturing tools: It is an HTTP debugging proxy. When the client requests data from the server, the data first passes through the proxy before being transferred to the server. As shown in the figure below, it’s easy to understand.
Why capture packets? In my current work, when a bug is discovered during testing, packet capturing tools can help us analyze and pinpoint issues between the front and back end. They can also be used for interface testing ahead of time or to find request parameters when there is no interface documentation.
/>
1 The most commonly used packet capturing tool: Fiddler
Fiddler, developed by the .NET team, can handle and record all HTTP requests between the client and server. Fiddler is a powerful packet capturing tool supporting PC/mobile packet capturing, performance testing, security testing, file replacement, interface testing, and even graphical analysis. However, in my opinion, while the features are powerful, the common features are enough for a tester, and the interface is somewhat complex.
Moreover, when configuring Fiddler for HTTPS requests or mobile packet capturing, downloading a CA certificate is necessary. There’s a risk of misconfiguration, leaving many users with difficulties. The packet capturing page is shown below:
2 Simplistic packet capturing tool: Charles
A packet capturing tool based on Python and C++, Charles was initially known as a packet tool for MAC but is also available for Windows systems. This is the packet capturing software I use most often, especially during app testing as it’s very convenient. Ever since using Charles, I’ve found it the most suitable for me. It can handle mobile packet capturing and file switching, fully meeting the packet capturing requirements in testing. Its tree structure aids in viewing interfaces, the only downside being its cost, though it’s easily cracked. The packet capturing page is shown below:
3 Network packet analysis software: Wireshark
This is a network packet capturing software capable of capturing various network packets, but it requires network protocol knowledge. Therefore, it’s only suitable for network analysis, not for normal testing purposes, and for security, the packet contents should not be modified. For HTTP/HTTPS requests, using the aforementioned packet capturing tools is more appropriate, but Wireshark can be used for capturing TCP and UDP protocols. As shown in the figure:
4 Packet capturing tools suitable for data analysis: HttpWatch
This is a powerful web data analysis tool integrated into the IE browser’s toolbar, including functions like web summary, cookie management, cache management, message sending and receiving, character query, POST data, and directory management reports. This packet capturing tool does not require using proxy services to obtain web request and response data. The limitation is that it can only be used in the IE browser or by downloading a Chrome plugin, as shown in the packet capturing example:
Go ahead and choose a packet capturing tool that suits you~
