A while back, I explained how you can use Telerik Fiddler or the Catapult NetLog Viewer to analyze a network log captured from Microsoft Edge, Google Chrome, or another Chromium or Electron-based application.
Fortunately, the NetLog Viewer is a self-contained single page application that doesn’t need a network connection to run. You can use it entirely offline, either from a Virtual Machine with no network connection, or from a browser instance configured to override all network requests.
Your first step is to get an copy of the viewer as a file. You can do that by right-clicking this link and choosing “Save Link As”. Save the HTML file somewhere locally, e.g.
C:\temp\NetLogView.html on Windows.
If you want to run it from a disconnected VM, simply copy the file into such a VM and you’re good to go.
If, however, you want the convenience of running the viewer from your Internet-connected PC without worrying about leaks, you can run it from a browser instance that won’t make network connections.
After saving the file, open it in a new browser window thusly:
msedge.exe --user-data-dir=C:\temp\profile --inprivate --host-rules="MAP * 0.0.0.0" --app=C:\temp\NetLogView.html
The command line arguments bear some explanation. In reverse order:
appargument instructs Edge to open the supplied file with a minimal browser UI, as if it were a native app.
host-rulesargument tells the browser instance to direct all network requests to an IP address of
0.0.0.0. On Windows, such requests instantly fail. On Mac/Linux, the null IP points back at your own PC.
inprivateargument directs the browser to discard all storage after the app exits (since it’s not needed). For Chrome, use
user-data-dirinstructs the browser to use a temporary browser profile (which prevents the app’s window from being merged into an existing browser process, such that the
host-rulesargument would’ve been ignored.)
While none of this is strictly necessary (the NetLog Viewer doesn’t leak data), it’s always nice to be able to discard attack surface wherever possible.