I'm trying to capture HTTP messages between my laptop and github.com with ngrep, but some responses are not human readable because they are sent in chunked encoding and zipped, like:
T 207.97.227.239:80 -> 192.168.0.175:41372 [AP]
HTTP/1.1 404 Not Found.
Server: GitHub.com.
Date: Sun, 31 Mar 2013 09:50:25 GMT.
Content-Type: text/plain.
Transfer-Encoding: chunked.
Connection: keep-alive.
Content-Encoding: gzip.
.
25.
..........
J-./.,./.T../QH./.K........
How can I unzip the response? Or is there better tool than ngrep to capture HTTP messages?
ngrep is implementation of grep for network (incoming/outgoing messages). It is not suited to capture HTTP messages. Here are two tools you can use for capturing message and viewing compressed content.