HATKit proxy
I have developed a proxy based on the very neat OWASP Proxy by Rogan Dawes. If you use Mercurial, the proxy can be downloaded from http://martin.swende.se/hgwebdir.cgi/hatkit_proxy/ with “hg clone http://martin.swende.se/hgwebdir.cgi/hatkit_proxy/”. It is still a bit unpolished here and there, but it works and has these features:
- White/blacklisting. Anything ‘passed’ is handled by the proxy (database, logging and intercept); anything not passed is streamed.
  - Whitelisting of domains (e.g. “sun.com, ru” => java.sun.com and evil.ru pass)
  - Whitelisting of networks (“10.0.2.2/14, 192.160.*”)
  - Blacklisting of resources (default: “^[^?;!]*\.(png|jpg|jpeg|gif|ico)$”)
- Interceptor
- Syntax highlighting (jflex-based)
  - HTTP traffic
  - Two-phase: the content type determines which lexer is used after HTTP. Currently only form data and HTML are implemented, but I plan to add JSON and XML as well.
- MongoDB storage (not required)
  - Stores HTTP traffic in a MongoDB database. I selected it because it is flexible (no fixed table definitions) and very fun (it can run JavaScript dynamically inside the db and has great aggregation functionality).
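The pass-or-stream decision from the white/blacklisting item above, as an added Python sketch; it is not code from the HATKit proxy, which is Java. The filter strings are the ones quoted in the list; the function names, the way the filters combine, the label-boundary suffix match, IP-literal-only network matching and testing the regex against path plus query are all assumptions.

```python
import ipaddress
import re
from fnmatch import fnmatch
from urllib.parse import urlsplit

# Filter strings quoted in the feature list above.
DOMAINS = "sun.com, ru"
NETWORKS = "10.0.2.2/14, 192.160.*"
BLACKLIST = r"^[^?;!]*\.(png|jpg|jpeg|gif|ico)$"


def _items(spec):
    return [s.strip().lower() for s in spec.split(",") if s.strip()]


def domain_allowed(host, spec=DOMAINS):
    # Match on label boundaries so "notsun.com" does not ride on "sun.com".
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in _items(spec))


def network_allowed(host, spec=NETWORKS):
    # Assumption: network entries apply only to IP-literal hosts (no DNS lookup).
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False
    for entry in _items(spec):
        if "*" in entry:
            if fnmatch(str(addr), entry):
                return True
        elif addr in ipaddress.ip_network(entry, strict=False):
            # strict=False accepts host bits, so 10.0.2.2/14 means 10.0.0.0/14.
            return True
    return False


def is_passed(url):
    """True: proxy stores/logs/intercepts. False: traffic is only streamed."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    # Assumption: the host must match a whitelist before the blacklist is consulted.
    if not (domain_allowed(host) or network_allowed(host)):
        return False
    # Assumption: the blacklist regex is tested against path plus query string.
    resource = parts.path + ("?" + parts.query if parts.query else "")
    return re.search(BLACKLIST, resource) is None
```

Under these assumptions “/logo.png?v=2” is still passed, because the default pattern refuses to match across “?”, “;” or “!”, so only parameterless image requests are skipped.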
I call it the HATKit proxy, not to hide that it really is based on the OWASP Proxy, but just because this proxy is a minor part of a suite I call the HATKit (Http Analyser Toolkit), which is a Python framework to play with the data once it is stored in MongoDB. That part is not yet mature enough to show to the general public, though.
The interceptor does not show both requests and responses simultaneously, pending the outcome of the earlier discussions (about returning a handle). For now it is really only for developers, since the OWASP Proxy needs a couple of modifications for it to run (but those are quite apparent) and it is not packaged as a jar file. So anyone NOT familiar with OWASP Proxy and Eclipse should wait a bit longer before diving in…
To set it up, configure it as an Eclipse project with OWASP Proxy as a required project on the build path. Beyond that, the only dependency is the MongoDB jar file, which is in the libs folder, and you don’t have to install MongoDB to run it if you don’t want to capture the traffic.
I appreciate any feedback.