====== Interceraptor ======

{{template>~infobox|
name=EDITME|
image=EDITME|
sw=-|
hw=-|
founder=[[user:EDITME]]|
interested=[[user:EDITME]]\\ [[user:EDITME]]|
status=active
}}

<code>
 ~> listener (1) -> intercept (2) -> filter (3) -> real server (4)
 <~ listener (8) <- intercept (7) <- filter (6) <- real server (5)
</code>

Listeners:
  * socks 
  * forwarding
  * custom routing table

SSL:
  * generate SSL cert per host
  * for android emulator generate SSL cert according to the real target cert
  * select custom CA
  * accept HTTP and redirect to HTTP (arbitrary host via routing table (per host filter))

Intercept (all operations are bidirectional):
  * hand examination/modification
  * automatic data modification

Filters:
  * (intercept is a special filter)
  * response normalization. custom rules that defines which request means that the file does (not) exists
  * cookie jar
  * active session maintaining
  * Throttle (max requests per time ...)
  * data parsing (nonce extraction. VIEWSTATE)
  * time analysis for request-response (show the delta)

Vulnerability discovery:
  * http protocol fuzzing / content discovery (files, directories, http parameters) 
  * inner protocol fuzzing (JSON, XML, REST, SOAP)

Data manipulation:
  * base64
  * hex/ascii
  * data validation (html-tidy, json validator, xml validator)

==== GUI ====
  * HTML5 rest client

==== module ====

=== dataflow ===

  - c-s input match
  - c-s perform action (modify input / invoke external script or whatever)
  - c-s send data
  - s-c recieve data
  - s-c match output
  - s-c perform final action

<note tip>
<code>
data flow direction:
c-s -- client to server
s-c -- server to client
</code>
</note>


=== module interconnection ===
  * do it like they do it in apache mod_rewrite rules

===== roadplan =====
  - accept HTTP connection, redirect to SLL service, rule match per HTTP.host
  - accept SSL connection, fake SLL.CommonName by the target service

===== performance =====
  * multithread
  * fast backend without gui
  * ability to cancel pending request
  * each tab can be separated to standalone window
    * window plugin-like eclipse/netbeans/visalstudio...


===== scanner =====
  * passive
  * active

===== schemas =====

{{ :project:img_20130223_181909.jpg?direct&900 |Thread schema}}
{{ :project:img_20130302_163117.jpg?direct&900 |Rules outline}}
{{ :project:img_20130302_170003.jpg?direct&900 |Core REST interface}}
===== references =====
  * http://code.google.com/p/raft/
  * http://www.youtube.com/watch?v=e7FYHaRztWw
  * https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
  * http://portswigger.net/burp/proxy.html
  * http://www.youtube.com/watch?v=kDVIcW7TZVw
  * http://vimeo.com/43659037
  * www.fiddler2.com
  * http://proxies.xhaus.com/java/