User Tools

Site Tools


project:interceraptor

Interceraptor

EDITME
editme
founder: EDITME
depends on:
interested: EDITME
EDITME
software license: -
hardware license: -
 ~> listener (1) -> intercept (2) -> filter (3) -> real server (4)
 <~ listener (8) <- intercept (7) <- filter (6) <- real server (5)

Listeners:

  • socks
  • forwarding
  • custom routing table

SSL:

  • generate SSL cert per host
  • for android emulator generate SSL cert according to the real target cert
  • select custom CA
  • accept HTTP and redirect to HTTP (arbitrary host via routing table (per host filter))

Intercept (all operations are bidirectional):

  • hand examination/modification
  • automatic data modification

Filters:

  • (intercept is a special filter)
  • response normalization. custom rules that defines which request means that the file does (not) exists
  • cookie jar
  • active session maintaining
  • Throttle (max requests per time …)
  • data parsing (nonce extraction. VIEWSTATE)
  • time analysis for request-response (show the delta)

Vulnerability discovery:

  • http protocol fuzzing / content discovery (files, directories, http parameters)
  • inner protocol fuzzing (JSON, XML, REST, SOAP)

Data manipulation:

  • base64
  • hex/ascii
  • data validation (html-tidy, json validator, xml validator)

GUI

  • HTML5 rest client

module

dataflow

  1. c-s input match
  2. c-s perform action (modify input / invoke external script or whatever)
  3. c-s send data
  4. s-c recieve data
  5. s-c match output
  6. s-c perform final action
data flow direction:
c-s -- client to server
s-c -- server to client

module interconnection

  • do it like they do it in apache mod_rewrite rules

roadplan

  1. accept HTTP connection, redirect to SLL service, rule match per HTTP.host
  2. accept SSL connection, fake SLL.CommonName by the target service

performance

  • multithread
  • fast backend without gui
  • ability to cancel pending request
  • each tab can be separated to standalone window
    • window plugin-like eclipse/netbeans/visalstudio…

scanner

  • passive
  • active

schemas

Thread schema Rules outline Core REST interface

references

project/interceraptor.txt · Last modified: 2013/03/02 16:01 by da3m0n22