NmDecrypt is a Network Monitor Expert which when given a trace with encrypted frames, a security certificate, and a passkey will create a new trace with decrypted frames added inline.
This Expert requires that you have Network Monitor 3.4 with the 3.4.2748 parser set (or above) installed. The latest parser set is available at
It also requires the .NET Framework Runtime 2.0 or above.
Supported SSL/TLS Versions
- Open an already existing trace (or save a new capture).
- Select the TCP conversation with the encrypted traffic.
- Run NmDecrypt from the Experts Menu.
Note: For the above SSL/TLS versions the Expert does not support scenarios which involve Client Authentication and Decryption of Encrypted Alert Messages.
Supported Cipher Suites