This post is on the distinctions between specific web sniffers: those of induction nature, and those of condenser or proxy nature.

In one of the previous posts we classified HTTP sniffers on the basis of their operation:

  1. Browser built-in sniffers
  2. Online sniffers
  3. Stand-alone application sniffers.

In this short post I want to classify web sniffers of another dimension: induction sniffers and condenser sniffers.

The names speak for themselves: the first sniffs the HTTP traffic as a coil adjacent to the traffic, the latter works as the proxy, intruding in between the transfer lines. Below I have put the figures for both types of sniffers, illustrating their operation for you:

The sniffer classifications we gave previously consider only the first kind of sniffers, which are of the induction type, while the condenser type of sniffers must be of of a proxy nature, thus standing aside.

In the sniffers classification table the first 3 categories are of induction type, while the last one (Proxy Sniffers) is a condenser type sniffer. This kind of sniffer is harder to implement because of the SSL certificate issue. However, it may provide more special features such as cache control, cookie control, DNS spoofing and others.

For a specific proxy sniffer you might read this post.