Packages and Binaries:

proxify

This package contains a Swiss Army Knife Proxy for rapid deployments. It supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify.

Features

  • Intercept / Manipulate HTTP/HTTPS & NON-HTTTP traffic
  • Invisible & Thick clients traffic proxy support
  • TLS MITM support with client/server certificates
  • HTTP and SOCKS5 support for upstream proxy
  • Traffic Match/Filter and Replace DSL support
  • Full traffic dump to file (request/responses)
  • Native embedded DNS server
  • Plugin Support to decode specific protocols (e.g XMPP/SMTP/FTP/SSH/)
  • Proxify Traffic replay in Burp

Installed size: 35.08 MB
How to install: sudo apt install proxify

Dependencies:
  • libc6
mitmrelay
root@kali:~# mitmrelay -h
Usage of mitmrelay:
  -client-cert string
    	Relay => Server Cert File
  -client-key string
    	Relay => Server Key File
  -dns-addr string
    	Listen DNS Ip and port (ip:port) (default ":5353")
  -dns-mapping string
    	DNS A mapping (eg domain:ip,domain:ip,..)
  -http-addr string
    	HTTP Server Listen Address (default "127.0.0.1:49999")
  -output string
    	Output Folder (default "logs/")
  -protocol string
    	tcp or udp (default "tcp")
  -proxy-addr string
    	HTTP Proxy Address
  -relay value
    	listen_ip:listen_port => destination_ip:destination_port
  -request-match-replace-dsl string
    	Request Match-Replace DSL
  -resolver-addr string
    	Listen DNS Ip and port (ip:port)
  -response-match-replace-dsl string
    	Request Match-Replace DSL
  -server-cert string
    	Client => Relay Cert File
  -server-key string
    	Client => Relay Key File
  -timeout int
    	Connection Timeout In Seconds (default 180)
  -tls-client
    	Relay => Server should use tls
  -tls-server
    	Client => Relay should use tls

proxify
root@kali:~# proxify -h
Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump,filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy

Usage:
  proxify [flags]

Flags:
OUTPUT:
   -o, -output string  Output Directory to store HTTP proxy logs (default "logs")
   -dump-req           Dump only HTTP requests to output file
   -dump-resp          Dump only HTTP responses to output file
FILTER:
   -req-fd, -request-dsl string                   Request Filter DSL
   -resp-fd, -response-dsl string                 Response Filter DSL
   -req-mrd, -request-match-replace-dsl string    Request Match-Replace DSL
   -resp-mrd, -response-match-replace-dsl string  Response Match-Replace DSL
NETWORK:
   -ha, -http-addr string    Listening HTTP IP and Port address (ip:port) (default "127.0.0.1:8888")
   -sa, -socks-addr string   Listening SOCKS IP and Port address (ip:port) (default "127.0.0.1:10080")
   -da, -dns-addr string     Listening DNS IP and Port address (ip:port)
   -dm, -dns-mapping string  Domain to IP DNS mapping (eg domain:ip,domain:ip,..)
   -r, -resolver string      Custom DNS resolvers to use (ip:port)
PROXY:
   -hp, -http-proxy string    Upstream HTTP Proxies (eg http://proxy-ip:proxy-port
   -sp, -socks5-proxy string  Upstream SOCKS5 Proxies (eg socks5://proxy-ip:proxy-port)
   -c int                     Number of requests before switching to the next upstream proxy (default 1)
EXPORT:
   -elastic-address string    elasticsearch address (ip:port)
   -elastic-ssl               enable elasticsearch ssl
   -elastic-ssl-verification  enable elasticsearch ssl verification
   -elastic-username string   elasticsearch username
   -elastic-password string   elasticsearch password
   -elastic-index string      elasticsearch index name (default "proxify")
   -kafka-address string      address of kafka broker (ip:port)
   -kafka-topic string        kafka topic to publish messages on (default "proxify")
CONFIGURATION:
   -config string        Directory for storing program information (default "/root/.config/proxify")
   -cert-cache-size int  Number of certificates to cache (default 256)
   -allow string         Allowed list of IP/CIDR's to be proxied
   -deny string          Denied list of IP/CIDR's to be proxied
DEBUG:
   -silent         Silent
   -nc, -no-color  No Color (default true)
   -version        Version
   -v, -verbose    Verbose

replay-proxify
root@kali:~# replay-proxify -h
Usage of replay-proxify:
  -burp-addr string
    	Burp HTTP Address (default "http://127.0.0.1:8080")
  -dns-addr string
    	DNS UDP Server Listen Address (default ":10000")
  -http-addr string
    	HTTP Server Listen Address (default ":80")
  -output string
    	Output Folder (default "db/")
  -proxy-addr string
    	HTTP Proxy Server Listen Address (default ":8081")

Updated on: 2023-May-16