That’s a good question and it’s not that easy to understand. Usually you should put a “Man In The Middle” between your device and your exit node to the internet (the router usually) and intercept unwanted traffic.
It’s been years since I’ve done this… for a wired connection u need to patch in a hub that can do port replication, then record the traffic on a laptop plumbed in to the duplicated port and look at it with Wireshark. Is that right? What about WiFi connections?
You can use HTTP Toolkit; you install a listener and an SSL certificate on the device you want to monitor. Then you route its traffic to a specific port of the listener and you're good!
How can I tell if any devices on my residential network have been compromised?
That’s a good question and it’s not that easy to understand. Usually you should put a “Man In The Middle” between your device and your exit node to the internet (the router usually) and intercept unwanted traffic.
It’s been years since I’ve done this… for a wired connection u need to patch in a hub that can do port replication, then record the traffic on a laptop plumbed in to the duplicated port and look at it with Wireshark. Is that right? What about WiFi connections?
You can use HTTP Toolkit; you install a listener and an SSL certificate on the device you want to monitor. Then you route its traffic to a specific port of the listener and you're good!