Wireshark-users: [Wireshark-users] An extra tool for those of you reverse-engineering Windows sof
From: Ole André Vadla Ravnås <oleavr@xxxxxxxxx>
Date: Thu, 20 Aug 2009 23:43:45 +0200
Hi all,

Just in case some of you may find this tool useful:

It's not a replacement for Wireshark, it's a tool to use in parallel
for getting a different angle when you're reverse-engineering Windows
software where you for instance need to sniff SSL traffic, or need to
find out where in the application's code it's parsing that
peculiar-looking binary blob, or seeing that it calls recv(4) then
recv(42) instead of just receiving 46 bytes of data, which might give
you some extra clues about the protocol.

Ole André