HTTP/HTTPS MITM proxy and recorder.

Hyperfox

Hyperfox is a security auditing tool that proxies and records HTTP and HTTPS traffic between two points.

Installation

You can install the latest version of hyperfox to /usr/local/bin with the following command (requires admin privileges):

curl -sL 'https://raw.githubusercontent.com/malfunkt/hyperfox/master/install.sh' | sh

If you'd rather not accept free candy from this van you can also grab a release from our releases page and install it manually.

Building hyperfox from source

In order to build hyperfox from source you'll need Go and a C compiler.

Use go install to build and install hyperfox:

go install github.com/malfunkt/hyperfox

How does it work?

Hyperfox creates a transparent HTTP proxy server and binds it to port 1080/TCP on localhost (-addr 127.0.0.1 -http 1080). The proxy server reads plaintext HTTP requests and forwards them to the target destination, which it identifies from the Host header. When the target destination replies, Hyperfox intercepts the response and forwards it to the original client.

All HTTP communications between origin and destination are intercepted by Hyperfox and recorded in a SQLite database that is created automatically. Every time Hyperfox starts, a new database is created (e.g.: hyperfox-00123.db). You can change this behaviour by explicitly providing a database name (e.g.: -db traffic-log.db).

Usage

Launch Hyperfox with default configuration:

hyperfox

Use cURL to request any HTTP page; the -x parameter tells cURL to use hyperfox as a proxy:

curl -x http://127.0.0.1:1080 example.com

You should be able to see a log for the page you requested in Hyperfox's output:

...
127.0.0.1:44254 - - [11/Apr/2020:19:19:48 -0500] "GET http://example.com/ HTTP/1.1" 200 -1

User interface (-ui)

Use the -ui parameter to enable the Hyperfox UI, which will open in a new browser window:

hyperfox -db records.db -ui

The above command creates a web server that binds to 127.0.0.1:1984. If you'd like to change the bind address or port use the -ui-addr switch:

hyperfox -db records.db -ui -ui-addr 127.0.0.1:3000

Changing the UI server address is especially useful when Hyperfox is running on a remote or headless host and you'd like to see the UI from another host.

Enabling the UI also enables a minimal REST API (at 127.0.0.1:4891) that is consumed by the front-end application.

Please note that Hyperfox's REST API is only protected by a randomly generated key that changes every time Hyperfox starts. Depending on your use case this might not be adequate.

Run Hyperfox UI on your mobile device

When the -ui-addr parameter is different from 127.0.0.1, Hyperfox will output a QR code to make it easier to connect from mobile devices:

hyperfox -db records.db -ui -ui-addr 192.168.1.23:1984

SSL/TLS mode (-ca-cert & -ca-key)

SSL/TLS connections are secure end to end and protected from eavesdropping, so Hyperfox won't be able to see anything happening between a client and a secure destination. This only holds as long as the chain of trust remains untouched.

Suppose that the client trusts a root CA certificate that is known by Hyperfox. In that case Hyperfox will be able to issue certificates that the client is going to trust.

Examples of such bogus root CA files can be found here:

You can also generate your own root CA certificate and key.

There are a number of ways to install root CA certificates, depending on your operating system.

This QR code might come in handy when installing Hyperfox's root CA on a mobile device:

Hyperfox root CA certificate

Use the -ca-cert and -ca-key flags to provide Hyperfox with the root CA certificate and key you'd like to use:

hyperfox -ca-cert rootCA.crt -ca-key rootCA.key

The above command creates a special server and binds it to 127.0.0.1:10443; this server waits for an SSL/TLS connection to arrive. When a new SSL/TLS connection comes in, Hyperfox uses the SNI extension to identify the destination server name and creates an SSL/TLS certificate for it. This certificate is signed with the provided root CA key.

TLS interception example

Launch Hyperfox with appropriate TLS parameters and -https 443 (port 443 requires admin privileges).

sudo hyperfox -ca-cert ./ca/rootCA.crt -ca-key ./ca/rootCA.key -https 443

Use cURL to build an HTTPS request to example.com: the --resolve option tells cURL to skip DNS verification and use 127.0.0.1 as if it were the legitimate address for example.com, while the -k parameter tells cURL to accept any TLS certificate.

curl -k --resolve example.com:443:127.0.0.1 https://example.com

You should be able to see a log for the page you requested in Hyperfox's output:

127.0.0.1:36398 - - [11/Apr/2020:19:36:56 -0500] "GET https://example.com/ HTTP/2.0" 200 -1

Usage examples

Via /etc/hosts on localhost

Add the host you'd like to inspect to your /etc/hosts file:

127.0.0.1 example.com

Run Hyperfox with the options you'd like. Just remember that you should use port 80 for HTTP and port 443 for HTTPS, and that requires admin privileges. In addition to -http and -https, use the -dns parameter with a valid DNS resolver:

sudo hyperfox -ui -http 80 -dns 8.8.8.8

That will make Hyperfox skip the OS DNS resolver and use an alternative one (remember that example.com points to 127.0.0.1).

Now use cURL and try to go to the destination:

curl http://example.com

Hyperfox will capture the request and print it to its output:

127.0.0.1:41766 - - [11/Apr/2020:19:43:30 -0500] "GET http://example.com/ HTTP/1.1" 200 -1

Via ARP Spoofing on a LAN

See MITM attack with Hyperfox and arpfox.

Hacking

Choose an issue, fix it and send a pull request.

License

Copyright (c) 2012-today José Nieto, https://xiam.io

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Comments
  • TLS oversized record error

    Hi,

    I'm trying to set up HTTPS capturing, but I'm receiving multiple errors like this when initializing HTTPS requests:

    2015/03/08 12:48:15 http: TLS handshake error from 192.168.0.102:52759: tls: oversized record received with length 20037
    

    I'm running the latest OS X and have followed the tutorials on https://hyperfox.org/capturing-https-traffic. Hyperfox version is 0.9. HTTP capturing works fine.

    Any idea what might be wrong?

  • Windows support.

    I think Hyperfox would compile fine on a Windows machine but I can't test it since I don't have a license so some help would be appreciated.

    Some concerns:

    • Hyperfox depends on mattn's SQLite driver which requires CGO.
    • We need instructions for building and testing from scratch on a VirtualBox's virtual machine and not a binary build.
    • Instructions for enabling IP forwarding are also needed.
  • undefined: tls.ClientHelloInfo

    Hello,

    When I launch "go get github.com/xiam/hyperfox" I obtain the following result:

    github.com/xiam/hyperfox/proxy

    /usr/lib/go/src/pkg/github.com/xiam/hyperfox/proxy/main.go:301: undefined: tls.ClientHelloInfo
    /usr/lib/go/src/pkg/github.com/xiam/hyperfox/proxy/main.go:325: unknown tls.Config field 'GetCertificate' in struct literal

    Have you an idea?

    I work on Debian in multi release mode and the go version is "go1.3.2 linux/amd64"

    Thanks in advance ;)

  •  panic serving 127.0.0.1:XXX: Unknown condition type uint

    Full stack trace:

    toby @ ~ () => hyperfox 
    2016/12/10 14:41:23 Hyperfox v1.9.7 // https://hyperfox.org
    2016/12/10 14:41:23 By José Carlos Nieto.
    
    2016/12/10 14:41:23 Initializing database hyperfox-00001.db...
    2016/12/10 14:41:23 Starting (local) API server...
    2016/12/10 14:41:23 Watch live capture at http://live.hyperfox.org/#/?source=127.0.0.1:44673
    
    2016/12/10 14:41:23 Listening for incoming HTTP client requests on 0.0.0.0:1080.
    127.0.0.1:35848 - - [10/Dec/2016:14:41:57 +0000] "GET http://google.com/ HTTP/1.1" 302 261
    127.0.0.1:35848 - - [10/Dec/2016:14:41:57 +0000] "GET http://www.google.co.uk/?gfe_rd=cr&ei=NRRMWIDQD5HS8AeAzraQAQ HTTP/1.1" 302 277
    2016/12/10 14:42:16 http: panic serving 127.0.0.1:35802: Unknown condition type uint
    goroutine 44 [running]:
    net/http.(*conn).serve.func1(0xc420144500)
    	/usr/local/go/src/net/http/server.go:1491 +0x12a
    panic(0x8095e0, 0xc42020c820)
    	/usr/local/go/src/runtime/panic.go:458 +0x243
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder.(*templateWithUtils).ToWhereWithArguments(0xc420032080, 0x809760, 0xc42020c610, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8bfff8, 0x1, ...)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder/convert.go:146 +0x11f1
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder.(*templateWithUtils).ToWhereWithArguments(0xc420032080, 0x8027a0, 0xc4201fbae0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81ebe0, 0x0, ...)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder/convert.go:88 +0x1640
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder.(*selector).Where(0xc4200d5200, 0xc42020c600, 0x1, 0x1, 0xc694a0, 0xc4200d5200)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder/select.go:77 +0x13a
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter.(*Result).buildSelect(0xc4200c6e10, 0x41ac4b, 0x8095e0)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter/result.go:212 +0x136
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter.(*Result).One(0xc4200c6e10, 0x7f6f80, 0xc42000b900, 0xe, 0xc68720)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter/result.go:135 +0x2f
    main.getHandler(0xc651c0, 0xc4200dd790, 0xc4200c6d20)
    	/app/src/github.com/malfunkt/hyperfox/service.go:205 +0x863
    net/http.HandlerFunc.ServeHTTP(0x8c0310, 0xc651c0, 0xc4200dd790, 0xc4200c6d20)
    	/usr/local/go/src/net/http/server.go:1726 +0x44
    github.com/malfunkt/hyperfox/vendor/github.com/gorilla/mux.(*Router).ServeHTTP(0xc4200134f0, 0xc651c0, 0xc4200dd790, 0xc4200c6d20)
    	/app/src/github.com/malfunkt/hyperfox/vendor/github.com/gorilla/mux/mux.go:107 +0x10d
    net/http.serverHandler.ServeHTTP(0xc42001ef00, 0xc651c0, 0xc4200dd790, 0xc4200c6b40)
    	/usr/local/go/src/net/http/server.go:2202 +0x7d
    net/http.(*conn).serve(0xc420144500, 0xc65900, 0xc4201546c0)
    	/usr/local/go/src/net/http/server.go:1579 +0x4b7
    created by net/http.(*Server).Serve
    	/usr/local/go/src/net/http/server.go:2293 +0x44d
    2016/12/10 14:42:16 http: panic serving 127.0.0.1:35806: Unknown condition type uint
    goroutine 54 [running]:
    net/http.(*conn).serve.func1(0xc42001f780)
    	/usr/local/go/src/net/http/server.go:1491 +0x12a
    panic(0x8095e0, 0xc4201da6c0)
    	/usr/local/go/src/runtime/panic.go:458 +0x243
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder.(*templateWithUtils).ToWhereWithArguments(0xc420032080, 0x809760, 0xc4201da4b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8095e0, ...)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder/convert.go:146 +0x11f1
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder.(*templateWithUtils).ToWhereWithArguments(0xc420032080, 0x8027a0, 0xc4201d6940, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81ebe0, 0x0, ...)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder/convert.go:88 +0x1640
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder.(*selector).Where(0xc42016e540, 0xc4201da4a0, 0x1, 0x1, 0xc694a0, 0xc42016e540)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/lib/sqlbuilder/select.go:77 +0x13a
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter.(*Result).buildSelect(0xc420189e00, 0x41ac4b, 0x8095e0)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter/result.go:212 +0x136
    github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter.(*Result).One(0xc420189e00, 0x7f6f80, 0xc420143300, 0xe, 0xc68720)
    	/app/src/github.com/malfunkt/hyperfox/vendor/upper.io/db.v2/internal/sqladapter/result.go:135 +0x2f
    main.getHandler(0xc651c0, 0xc4201869c0, 0xc420189d10)
    	/app/src/github.com/malfunkt/hyperfox/service.go:205 +0x863
    net/http.HandlerFunc.ServeHTTP(0x8c0310, 0xc651c0, 0xc4201869c0, 0xc420189d10)
    	/usr/local/go/src/net/http/server.go:1726 +0x44
    github.com/malfunkt/hyperfox/vendor/github.com/gorilla/mux.(*Router).ServeHTTP(0xc4200134f0, 0xc651c0, 0xc4201869c0, 0xc420189d10)
    	/app/src/github.com/malfunkt/hyperfox/vendor/github.com/gorilla/mux/mux.go:107 +0x10d
    net/http.serverHandler.ServeHTTP(0xc42001ef00, 0xc651c0, 0xc4201869c0, 0xc4200c6f00)
    	/usr/local/go/src/net/http/server.go:2202 +0x7d
    net/http.(*conn).serve(0xc42001f780, 0xc65900, 0xc420017e00)
    	/usr/local/go/src/net/http/server.go:1579 +0x4b7
    created by net/http.(*Server).Serve
    	/usr/local/go/src/net/http/server.go:2293 +0x44d
    

    Was triggered clicking the i icon next to a request.

  • hi,may i ask a question about flow control (single client connect to server )

    I set up an HTTPS proxy server and provide the proxy service for many people, and now I want to control the flow of each person. Can hyperfox do it? Thanks!

  • `dsniff` link on  https://hyperfox.org/capturing-https-traffic points to the sample CA certificate

  • Fix -dns flag when -https is enabled

    This change makes the -dns flag be respected with the -https flag

    Before this change, sudo hyperfox -ui -http 80 -dns 8.8.8.8 -> curl http://example.com led to an infinite request loop when -https was also supplied (i.e. sudo hyperfox -ui -http 80 -https 443 -dns 8.8.8.8).

  • io.Copy "context canceled"

    I have been looking at potentially using hyperfox as the base for writing a GitHub API mocking tool, but I cannot even get it to proxy. Here is my command line:

    sudo bin/hyperfox -addr 127.0.0.1 -https 9999 \
       --ca-cert /Users/mikeschinkel/Projects/hyperfox/ca/rootCA.crt \
       --ca-key /Users/mikeschinkel/Projects/hyperfox/ca/rootCA.key
    

    When I run a Go program that uses github.com/google/go-github to call Client.Repositories.GetContents() which in turn calls the API I get this output:

    2021/02/18 16:44:19 io.Copy: "context canceled"
    127.0.0.1:52515 - - [18/Feb/2021:16:44:19 -0500] "CONNECT https://api.github.com:443 HTTP/1.1" 400 161256
    

    I debugged through it for over an hour but still cannot figure out what I am doing wrong.

    BTW, I implemented a proxy in Go based on this code and it worked fine — though I was not able to inspect the information returned which is why I looked at hyperfox — so I know that the GET request by github.com/google/go-github works.

  • Getting TLS Failure

    I am trying your "proxy.StartTLS" call and when I send a request from the browser, the console shows:

    tls: first record does not look like a TLS handshake

    Ideas on what that could be? Thank you.

  • Cannot get latest version: module contains a go.mod file, so module path should be github.com/malfunkt/hyperfox/v2

    Background

    The github.com/malfunkt/hyperfox uses Go modules and the current release version is v2. And its module path is "github.com/malfunkt/hyperfox", instead of "github.com/malfunkt/hyperfox/v2". It must comply with the specification of "Releasing Modules for v2 or higher" available in the Modules documentation. Quoting the specification:

    A package that has opted in to modules must include the major version in the import path to import any v2+ modules To preserve import compatibility, the go command requires that modules with major version v2 or later use a module path with that major version as the final element. For example, version v2.0.0 of example.com/m must instead use module path example.com/m/v2. https://github.com/golang/go/wiki/Modules#releasing-modules-v2-or-higher

    Steps to Reproduce

    GO111MODULE=on, run go get targeting any version >= v2.0.0 of the malfunkt/hyperfox:

    $ go get github.com/malfunkt/hyperfox@v2.0.0
    go: finding github.com/malfunkt/hyperfox v2.0.0
    go: finding github.com/malfunkt/hyperfox v2.0.0
    go get github.com/malfunkt/hyperfox@v2.0.0: github.com/malfunkt/hyperfox@v2.0.0: invalid version: module contains a go.mod file, so major version must be compatible: should be v0 or v1, not v2
    

    Run go get github.com/malfunkt/hyperfox and the version will be stuck at v1.9.8:

    $ go get github.com/malfunkt/hyperfox
    go: downloading github.com/malfunkt/hyperfox v1.9.8
    go: github.com/malfunkt/hyperfox upgrade => v1.9.8
    

    So anyone using Go modules will not be able to easily use any newer version of malfunkt/hyperfox.

    Solution

    1. Kill the go.mod files, rolling back to GOPATH.

    This would push them back to not being managed by Go modules (instead of incorrectly using Go modules). Ensure compatibility for downstream module-aware projects and module-unaware projects.

    I see these dependencies in your go.mod file, which need module awareness. So you'd better not use third-party tools (such as: Dep, glide, govendor…).

    github.com/mdp/qrterminal/v3 v3.0.0
    

    You also need to update the import path to:

    import github.com/mdp/qrterminal/…
    

    2. Fix module path to strictly follow SIV rules.

    Patch the go.mod file to declare the module path as github.com/malfunkt/hyperfox/v2 as per the specs. And adjust all internal imports. The downstream projects might be negatively affected in their building if they are module-unaware (Go versions older than 1.9.7 and 1.10.3; or use third-party dependency management tools, such as: Dep, glide, govendor…).

    [*] You can see who will be affected here: [1 module-unaware user, i.e., Labs22/BlackServerOS] https://github.com/search?l=Go&p=2&q=malfunkt%2Fhyperfox&type=Code

    If you don't want to break the above repos, this method can provide better backwards-compatibility. Release a v2 or higher module through the major subdirectory strategy: Create a new v2 subdirectory (github.com/malfunkt/hyperfox/v2) and place a new go.mod file in that subdirectory. The module path must end with /v2. Copy or move the code into the v2 subdirectory. Update import statements within the module to also use /v2 (import "github.com/malfunkt/hyperfox/v2/…"). Tag the release with v2.x.y.

    3. Suggest your downstream module users use hash instead of a version tag.

    If the standard rule of go modules conflicts with your development mode. Or not intended to be used as a library and does not make any guarantees about the API. So you can’t comply with the specification of "Releasing Modules for v2 or higher" available in the Modules documentation. Regardless, since it's against one of the design choices of Go, it'll be a bit of a hack. Instead of go get github.com/malfunkt/hyperfox@version-tag, module users need to use this following way to get the malfunkt/hyperfox: (1) Search for the tag you want (in browser) (2) Get the commit hash for the tag you want (3) Run go get github.com/malfunkt/hyperfox@commit-hash (4) Edit the go.mod file to put a comment about which version you actually used This will make it difficult for module users to get and upgrade malfunkt/hyperfox.

    [*] You can see who will be affected here: [1 module user, e.g., malfunkt/hyperfox] https://github.com/search?l=Go&p=2&q=malfunkt%2Fhyperfox&type=Code

    Summary

    You can make a choice to fix DM issues by balancing your own development schedules/mode against the effects on the downstream projects.

    For this issue, Solution 2 can maximize your benefits with minimal impact on your downstream projects and the ecosystem.

    References

    • https://github.com/golang/go/wiki/Modules#semantic-import-versioning
    • https://golang.org/cmd/go/#hdr-Module_compatibility_and_semantic_versioning
    • https://github.com/golang/go/wiki/Modules#releasing-modules-v2-or-higher
  • Problem with https proxy

    Hello, hyperfox is a great project. I am having some problems with https proxy. I encountered an error when I ran this program:

    http: TLS handshake error from 127.0.0.1:62777: tls: oversized record received with length 20037

    Then I tried to upgrade my go version. Currently, the go version is 1.12.5. When I run again, it becomes another error:

    http: TLS : first record does not look like a TLS handshake

    My system is win10 amd64. Where am I configured wrong? I will be very grateful for your answer.
