har-capture 0.9.0

HAR capture and PII sanitization library for network traffic analysis

har-capture

Capture and sanitize HAR (HTTP Archive) files with deep PII removal. Perfect for support diagnostics, security reviews, and test fixtures.

Quick Start

Windows

1. Install Python from the Microsoft Store or python.org
2. Open PowerShell and run:

pip install har-capture[full]
python -m har_capture https://example.com

macOS / Linux

pip install har-capture[full]
har-capture https://example.com

Already have a HAR file?

pip install har-capture
har-capture sanitize myfile.har --patterns network-device

---

Why har-capture?

Chrome DevTools now sanitizes cookies and auth headers, but HAR files contain much more sensitive data: IP addresses, MAC addresses, emails, passwords in form bodies, serial numbers, device names, WiFi credentials, session tokens, and API keys.

How har-capture compares:

Feature	har-capture	DevTools	Google/Cloudflare
Deep sanitization (IPs, MACs, emails)	✅	❌	❌
Correlation-preserving hashes	✅	❌	❌
Interactive review	✅	❌	Varies
Custom patterns	✅	❌	Limited
Local + CLI automation	✅	No CLI	Varies

Key benefits:

• Zero dependencies - Core sanitization uses only Python stdlib
• Format-preserving hashes - Track the same device across requests without exposing real values
• One-command workflow - Capture, sanitize, and compress in a single step
• Interactive browser flows preserved - Handle browser auth, popups, and dialogs while still recording the resulting traffic

See detailed comparison with all tools →

---

See It In Action

1. Sanitization report — 84 values auto-redacted across 9 PII categories:

2. Flagged values for review — passwords, fields, WiFi SSIDs, and phone numbers detected automatically:

3. Interactive redaction picker — high-confidence items pre-selected, you choose the rest:

---

Installation

# Core only (sanitization - zero dependencies)
pip install har-capture

# With browser capture support
pip install har-capture[capture]
playwright install chromium

# Full installation (recommended)
pip install har-capture[full]

---

Usage

Command Line

# Capture and sanitize a network device (cable modem, router, AP)
har-capture https://192.168.100.1 --patterns network-device

# Sanitize an existing HAR with universal PII rules only (no device domain)
har-capture sanitize capture.har --patterns base

# Validate for PII leaks
har-capture validate capture.har --patterns network-device

--patterns is required as of 0.9.0 — pick network-device for cable modems/routers/APs, base for generic web/API captures, or a custom JSON path. Run har-capture patterns for the full list.

Full CLI reference →

Python API

from har_capture.sanitization import sanitize_html, sanitize_har_file
from har_capture.sanitization.report import HeuristicMode

# Sanitize HTML (correlation-preserving by default)
clean_html = sanitize_html(raw_html)

# Sanitize with consistent salt (correlate across captures)
clean_html = sanitize_html(raw_html, salt="my-secret-key")

# Enable heuristic detection for WiFi, SSIDs, device names
clean_html = sanitize_html(raw_html, heuristics=HeuristicMode.REDACT)

# Sanitize HAR file
sanitize_har_file("capture.har")  # → capture.sanitized.har

# Custom patterns (e.g., modem serials, customer IDs)
custom = {"patterns": {"modem_sn": {"regex": r"SN[0-9]{10}", "replacement_prefix": "MODEM"}}}
sanitize_har_file("capture.har", custom_patterns=custom)

# Redact device-specific credential FIELD NAMES (not just value patterns).
# See docs/CUSTOM_PATTERNS.md#extending-sensitive-field-detection.
device_fields = {"fields": {"auto_redact_patterns": ["pws"]}}
sanitize_har_file("capture.har", custom_patterns=device_fields)

---

Documentation

• Comparison with Other Tools - DevTools, Google, Cloudflare, Edgio
• Correlation-Preserving Redaction - How format-preserving hashing works
• PII Categories - What gets sanitized
• Custom Patterns - Add organization-specific patterns
• CLI Reference - Detailed command documentation
• Interactive Sanitization - Review edge cases manually

---

Use Cases

• Support diagnostics - Users submit sanitized HAR files without exposing credentials
• Security review - Validate HAR files for PII leaks before sharing
• Test fixtures - Generate reproducible traffic captures
• Modem debugging - Capture router/modem traffic with sensitive data removed

---

What Gets Sanitized

Category	Examples	Output
Network	IPs, MACs	192.168.1.1 → 10.255.42.17
Personal	Emails, phones	user@example.com → user_a1b2@redacted.invalid
Credentials	Passwords, tokens	password=secret → password=PASS_a1b2c3d4
Device	Serials, WiFi, SSIDs	SN123456 → SERIAL_a1b2c3d4
HTTP	Auth headers, cookies	Cookie: session=xyz → Cookie: session=TOKEN_a1b2

See complete PII categories list →

---

Platform Support

Component	Windows	macOS	Linux
Sanitization	✅	✅	✅
Validation	✅	✅	✅
CLI	✅	✅	✅
Capture	✅	✅	✅

---

Contributing

Contributions welcome! See CONTRIBUTING.md for guidelines.

---

License

MIT License - see LICENSE for details.