AFAIK, Npcap/WinPcap works on the data link level and it sees the Ethernet frames. In my understanding, VPN SSL (https) or raw HTTP is just data of high-levels (IP packets) for Npcap/WinPcap. I don't know if it's appropriate or viable for Npcap/WinPcap to see this data. Maybe a higher-level sniffer like Fiddler is more suitable for this task? Any other opinions?
Thanks to what Guy has pointed out, I will try my best on the monitor mode when I get some time. There are some buddies asking for this feature already:)
yes, i undertood too
i think, we need also to see for use npcap by default on Wireshark... winpcap is really dead !
I haven't got an idea about the PPP support, but it sounds interested. I'm a bit confused about it. What kind of support do you want for vpn? Do you want Npcap to see decrypted data or something else? And what level vpn do you want? I know pptp l2tp ipsec ssl, at least four kinds of vpn, they work differently.
It is a VPN SSL from Fortinet/Fortigate for example ! it is a VPN SSL (top of https), the idea is to have decrypted data !