Tuesday, March 26, 2013

[HoneyProxy] A man-in-the-middle SSL Proxy & Traffic Analyzer



HoneyProxy is a lightweight tool that allows live HTTP(S) traffic inspection and analysis.
It focuses on features that are useful for malware analysis and network forensics.

Features

  • Analyze HTTP(S) traffic on the fly
  • Filter and highlight traffic, regex support included.
  • Report Generation for saved flows, including a live JS editor.
  • Save HTTP conversations for later analysis
  • Make scripted changes with Python, e.g. remove Cache Header.
  • based on and compatible to mitmproxy.
  • cross-platform (Windows, OSX and Linux)
  • SSL interception certs generated on the fly
Looking for more? Check out our GitHub wiki!

 

Quick Start

Download the latest release or pick a development snapshot.

Install all dependencies: pip install pyOpenSSL pyasn1 Twisted Autobahn
Windows users: Install the binaries for pyOpenSSL and Twisted manually (or compile yourself).
Ubuntu / Debian users: Install twisted as a package (sudo apt-get install python-twisted). If you get errors, check this page.

Start HoneyProxy with python honeyproxy.py or python honeyproxy.py --help.
If you don't use a modern browser, a kitten will die. We support both Firefox and Chrome!
Most command line parameters are documented in the mitmproxy docs.

No comments:

Post a Comment