YATT is a project to replace the current proliferation of trace tools ( tcpTrace, proxyTrace, pcapTrace ), with a single extensible tracing tool. YATT features a new GUI built with WTL, complete with a Hex View mode, and currently ships with 2 Trace providers, one based on WinPCAP and one based on the W2K Raw sockets support. Tunnelling & HTTP Proxy providers will be added in a later build. Once installed, you can run YATT, by selecting the YATT icon from the start menu. You'll be prompted to select a trace provider, choose the WinPCAP one if you have a machine that it'll work on, as there seems to be a bug in Windows XP raw sockets provider in that you don't see outgoing traffic, only inbound traffic. Once you've picked a provider, you be prompted to enter a name and/or port filter, you can either leave them blank, in which case there's no filters, or you can enter a name and/or port, this will filter the display based on what you enter. e.g. if you leave name blank, and enter 80 for the port you'll see all traffic thats going to/from port 80. If you leave the port blank, and enter www.pocketsoap.com as the name, you'll see all traffic to/from www.pocketsoap.com regardless of what port its is. If you enter a port and name, then you'll only see traffic to/from that particular combination.
Comments