Abstract: Systems and methods for analyzing content of encrypted traffic between processes are disclosed herein. According to one aspect, an exemplary method comprises rerouting traffic between a first process executing on a first computing device and a second process, to a server, to determine that there is a protected connection established between the first process and the second process, determining information related to an application pertaining to the first process, obtaining a session key for the protected connection by calling a function, wherein the information comprises an address of the function to call to obtain the session key, decrypting and analyzing the rerouted traffic on the server between the first process and the second process using the session key to determine whether the traffic contains malicious objects and in response to determining the traffic contains malicious objects, counteracting the malicious objects by blocking or rerouting the traffic.

Abstract: Systems and methods for analyzing content of encrypted traffic between processes are disclosed herein. According to one aspect, an exemplary method comprises rerouting traffic between a first process executing on a first computing device and a second process, to a server, to determine that there is a protected connection established between the first process and the second process, determining information related to an application pertaining to the first process, obtaining a session key for the protected connection by calling a function, wherein the information comprises an address of the function to call to obtain the session key, decrypting and analyzing the rerouted traffic on the server between the first process and the second process using the session key to determine whether the traffic contains malicious objects and in response to determining the traffic contains malicious objects, counteracting the malicious objects by blocking or rerouting the traffic.