Proxenet is a hacker friendly proxy for web application penetration tests.
proxenet
is a multi-threaded proxy which allows you manipulate your HTTP requests and responses using your favorite scripting language. No need to learn Java (like for Burp) or Python (like for mitmproxy). proxenet
supports heaps of languages (see the section "Language Versions") and more can be easily added.proxenet
is not script kiddie friendly, neither GUI friendly. If this is what you are looking for, here are a few links for you:Or the best way, write your own GUI as a
proxenet
plugin!Why ?
The idea behind
proxenet
came after a lot of frustration from attempting to write extensions for Burp. Moreover, only a few proxies already existing supports the possibility to add new extensions. And when they do, they are (one) language specific - despite Burp persistent attempts to make unnatural bindings (Python over Java or worse Ruby over Java.Being written in pure C, it is fast, efficient and easily pluggable to anything else. It is the utimate real DIY web proxy for pentest(ers).
Features
Here are a sample of features already supported by
proxenet
:- Written in C
- Fast (heavy thread use)
- Efficient (POSIX compatible)
- Low memory footprint (for the core)
- Can interact with any language
- Provides plugins support for the following languages:
- C
- Python
- Lua
- Ruby
- Perl
- Tcl
- Java
- SSL
- Full SSL interception (internal CA)
- SSL client certificate authentication
- IPv4/IPv6
- HTTP Proxy forwarding
- White-list/Black-list hosts filtering
- Command interface out-of-band
- Nice TTY colors :D
- 100% Open-Source
... and more !
The best of both world ?
Some people might miss the beautiful interface some other GUI-friendly proxies provide. So be it! Plug
How to start
proxenet
as a relay behind your favorite Burp
, Zap
, Proxystrike
, burst
, etc. and enjoy the show!How to start
$ git clone https://github.com/hugsy/proxenet.git
$ cd proxenet && cmake . && make
0 comentários:
Post a Comment
Note: Only a member of this blog may post a comment.