@rhemz
Created February 27, 2017 16:47
tcpdump collection
# Incoming HTTP traffic on interface bound for IP
sudo tcpdump -s 0 -i <interface> -A host <host/ip> and tcp port http
# All Outgoing HTTP traffic
sudo tcpdump dst port 80 -v -n
# SSL handshake
sudo tcpdump -i <interface> -s 1500 -vv -lntX host emailapi.dynect.net and port 443
# Generate the handshake with s_client; the GET line is typed into the open session
openssl s_client -connect emailapi.dynect.net:443
# GET / HTTP/1.0
# SQL Sniffer on interface, will not catch interactive session queries
sudo tcpdump -i <interface> -s 0 -l -w - dst port 3306 | strings | perl -e '
while(<>) { chomp; next if /^[^ ]+[ ]*$/;   # skip single-token lines (protocol noise)
  if(/^(SELECT|UPDATE|DELETE|INSERT|SET|COMMIT|ROLLBACK|CREATE|DROP|ALTER)/i) {
    # a new statement starts: print the one collected so far
    if (defined $q) { print "$q\n"; }
    $q=$_;
  } elsif (defined $q) {
    # continuation line: strip leading whitespace and append
    $_ =~ s/^[ \t]+//; $q.=" $_";
  }
}'
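Added example, not part of the original gist: the statement reassembly done by the Perl filter above, written as an awk-based shell function so it can be checked offline and reused on a saved capture, where it also flushes the last statement at end of input. The names `sql_reassemble` and `sample_strings_output` and the sample lines are constructed for this example; the filter only sees statements sent over unencrypted MySQL connections.

```shell
#!/bin/sh
# Added example: names and sample data below are constructed for illustration.

# Join the lines that `strings` emits into one SQL statement per output line.
sql_reassemble() {
    awk '
        # A single token with no inner space is protocol noise: skip it.
        /^[^ ]+ *$/ { next }
        # A leading SQL keyword starts a new statement: emit the previous one.
        toupper($0) ~ /^(SELECT|UPDATE|DELETE|INSERT|SET|COMMIT|ROLLBACK|CREATE|DROP|ALTER)/ {
            if (have) { print q; fflush() }
            q = $0; have = 1; next
        }
        # Anything else continues the current statement, if one has started.
        have { sub(/^[ \t]+/, ""); q = q " " $0 }
        # Emit the last statement when the input ends (saved capture).
        END { if (have) print q }
    '
}

# Constructed sample of `strings` output from a cleartext MySQL session.
sample_strings_output() {
    cat <<'EOF'
mysql_native_password
Linux x86_64
SELECT id, email
    FROM accounts WHERE id = 42
def
update accounts SET email = 'a@example.test' WHERE id = 42
EOF
}

# Live:  sudo tcpdump -i <interface> -s 0 -l -w - dst port 3306 | strings | sql_reassemble
# Saved: tcpdump -r <capture.pcap> -w - dst port 3306 | strings | sql_reassemble
sample_strings_output | sql_reassemble
```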