Today I am going to share the knowledge of capturing network packets in local system i.e. localhost.
Using RawCap utility, you can capture the loopback adapter packets which are our localhost packets.
Download the RawCap.exe from Netresec website url http://www.netresec.com/?page=RawCap
Once you download it
Open command prompt with administrator privileges
You have the following options while running the RawCap.exe
RawCap.exe -c <-> Stop capturing after the specified packet count reached-> -f <-> Flush each packet without buffering-> -s
Example 1: RawCap.exe 127.0.0.1 dump.pcap Note: Ctrl + C to stop the capturing
Example 2: RawCap.exe -c 1000 127.0.0.1 dump.pcap
After 1000 packets, the capturing will stop