Is it possible, if I have a tcpdump set up at the gateway of the company LAN such that all incoming and outgoing traffic is captured, that someone can decrypt the encrypted payload of HTTPS packets? If so, what tools are used to decrypt the payloads of the packets?
Thanks
-SF
Generally this is not possible unless you have the NSA or the keys at your disposal. But if you do (have the keys), Wireshark can help:
The SSL dissector is fully functional and even supports advanced features such as decryption of SSL if the encryption key can be provided and Wireshark is compiled against GnuTLS (rather than OpenSSL or bsafe). This works for RSA private keys.