FICHA · AUR

ecapture-bin

Capturing SSL/TLS plaintext without a CA certificate using eBPF. (Binary package from GitHub Releases)

  • tls-capture-tool
  • CLI
  • Launchable
  • Runs in terminal
official+codex · reviewed · May 31, 2026 description in en

Description

TLS plaintext can be captured from processes with eBPF without installing a CA certificate. It is useful for authorized debugging, incident response, and security research on systems you control.

This is high-risk monitoring software. It can expose passwords, tokens, messages, and private data, so use only with explicit authorization and strong access controls.

How to run

ecapture

Commands: ecapture

Permissions

Permissions not analysed for this source yet.