Notes on winsock expert packet capture tool:
WSockHook.dll will be treated as a dangerous program by anti-virus software because it is a monitoring program and is normal. The same is true for the official version.
1. First run this software and the network application that needs to be monitored, and then use the "Open Process" button to select the correct program to open. At this time, a sub-window will be created. You can monitor multiple processes at the same time using the same method.
2. By default, the process just opened has started monitoring data. If necessary, you can manually press the "Start/Stop Capture" button on the toolbar to switch between monitoring/non-monitoring. If you find that monitoring is not performed automatically at the beginning, You will also need to switch manually.
3. Use "add filter", "Edit Filter", etc. to add/modify filter conditions, which can be used to automatically modify the data sent out by the application. The specific usage method is similar to that of WPE.
4. After creating the filter conditions, you need to press the "Set Filter" button to set the application, otherwise these filter conditions will not take effect. 5. You can save/load filter conditions in the right-click menu on the filter list.
6. Through the "Change Packet View" button, you can switch the display mode of data packets: text mode and hexadecimal mode.
it works
it works
it works