Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.

Overview

proxify

FeaturesInstallationUsageRunning ProxifyInstalling SSL CertificateApplications of ProxifyJoin Discord

Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify.

Features

proxify

  • Intercept / Manipulate HTTP/HTTPS & NON-HTTTP traffic
  • Invisible & Thick clients traffic proxy support
  • TLS MITM support with client/server certificates
  • HTTP and SOCKS5 support for upstream proxy
  • Traffic Match/Filter and Replace DSL support
  • Full traffic dump to file (request/responses)
  • Native embedded DNS server
  • Plugin Support to decode specific protocols (e.g XMPP/SMTP/FTP/SSH/)
  • Proxify Traffic replay in Burp

Installation

Download the ready to run binary or install/build using GO

GO111MODULE=on go get -v github.com/projectdiscovery/proxify/cmd/proxify

Usage

proxify -h

This will display help for the tool. Here are all the switches it supports.

👉 proxify help menu 👈
  -addr string
      Listen Ip and port (ip:port) (default "127.0.0.1:8888")
  -allow value
      Whitelist ip/cidr
  -cert-cache-size int
      Number of certificates to cache (default 256)
  -config string
      Directory for storing program information (default "$HOME/.config/proxify")
  -deny value
      Blacklist ip/cidr
  -dns-addr string
      Listen DNS Ip and port (ip:port)
  -dns-mapping string
      DNS A mapping (eg domain:ip,domain:ip,..)
  -dns-resolver string
      Listen DNS Ip and port (ip:port)
  -dump-req
      Dump requests in separate files
  -dump-resp
      Dump responses in separate files
  -http-proxy string
      Upstream HTTP Proxy (eg http://proxyip:proxyport
  -no-color
      No Color (default true)
  -output string
      Output Folder (default "logs")
  -request-dsl string
      Request Filter DSL
  -request-match-replace-dsl string
      Request Match-Replace DSL
  -response-dsl string
      Response Filter DSL
  -response-match-replace-dsl string
      Request Match-Replace DSL
  -silent
      Silent
  -socks5-proxy string
      Upstream SOCKS5 Proxy (eg socks5://proxyip:proxyport)
  -v  Verbose
  -version
      Version

Running Proxify

Runs a HTTP proxy on port 8888

proxify

Runs a HTTP proxy on custom port 1111

proxify -addr ":1111"

Proxify with upstream proxy

Runs a HTTP proxy on port 8888 and forward the traffic to burp on port 8080

proxify -http-proxy http://127.0.0.1:8080

Runs a HTTP proxy on port 8888 and forward the traffic to the TOR network

proxify -socks5-proxy socks5://127.0.0.1:9050

Dump all the HTTP/HTTPS traffic

Dump all the traffic into separate files with request followed by the response.

proxify -output logs

As default, proxied request/resposed are stored in the logs folder. Additionally dump-req or dump-resp flag can be used for saving specfic part of the request to the file.

Hostname mapping with Local DNS resolver

Proxify supports embedding DNS resolver to map hostnames to specific addresses and define an upstream dns server for any other domain name

Runs a HTTP proxy on port 8888 using an embedded dns server listening on port 53 and resolving www.google.it to 192.168.1.1 and all other fqdn are forwarded upstream to 1.1.1.1

proxify -dns-addr ":53" -dns-mapping "www.google.it:192.168.1.1" -dns-resolver "1.1.1.1:53"

This feature is used for example by the replay utility to hijack the connections and simulate responses. It may be useful during internal assessments with private dns servers. Using * as domain name matches all dns requests.

Match/Filter traffic with with DSL language.

If the request or response match the filters the dump is tagged with .match.txt suffix:

proxify -request-dsl "contains(request,'firefox')" -response-dsl "contains(response, md5('test'))"

Match and Replace on the fly

Proxify supports modifying Request and Responses on the fly with DSL language.

proxify -request-match-replace-dsl "replace(request,'firefox','chrome')" -response-match-replace-dsl "regex(response, '^authentication failed$', 'authentication ok')"

Replay all traffic into burp

Replay all the dumped requests/responses into the destination URL (http://127.0.0.1:8080) if not specified. For this to work it's necessary to configure burp to use proxify as upstream proxy, as it will take care to hijack the dns resolutions and simulate the remote server with the dumped request. This allows to have in the burp history exactly all requests/responses as if they were originally sent through it, allowing for example to perform a remote interception on cloud, and merge all results locally within burp.

replay -output "logs/"

Installing SSL Certificate

A certificate authority is generated for proxify which is stored in the folder ~/.config/proxify/ as default, manually can be specified by -config flag. The generated certificate can be imported by visiting http://proxify/cacert.crt in a browser connected to proxify.

Installation steps for the Root Certificate is similar to other proxy tools which includes adding the cert to system trusted root store.

Applications of Proxify

Proxify can be used for multiple places, here are some common example where Proxify comes handy:-

👉 Storing all the burp proxy history logs locally.

Runs a HTTP proxy on port 8888 and forward the traffic to burp on port 8080

proxify -http-proxy http://127.0.0.1:8080

From burp, set the Upstream Proxy to forward all the traffic back to proxify

User Options > Upstream Proxy > Proxy & Port > 127.0.0.1 & 8888

Now all the request/response history will be stored in logs folder that can be used later for post processing.

👉 Store all your browse history locally.

While you browse the application, you can point the browser to proxify to store all the HTTP request / response to file.

Start proxify on default or any port you wish,

proxify -output chrome-logs

Start Chrome browser in Mac OS,

/Applications/Chromium.app/Contents/MacOS/Chromium --ignore-certificate-errors --proxy-server=http://127.0.0.1:8888 &
👉 Store all the response of while you fuzz as per you config at run time.

Start proxify on default or any port you wish,

proxify -output ffuf-logs

Run FFuF with proxy pointing to proxify

ffuf -x http://127.0.0.1:8888 FFUF_CMD_HERE

Proxify is made with 🖤 by the projectdiscovery team. Community contributions have made the project what it is. See the Thanks.md file for more details.

Issues
  • Match DSL functionality doesn't work

    Match DSL functionality doesn't work

    ./proxify -request-dsl "contains(request,'firefox')" -v                                                                                                                                                           ✔
    
                           _ ___    
       ___  _______ __ __ (_) _/_ __
      / _ \/ __/ _ \\ \ // / _/ // /
     / .__/_/  \___/_\_\/_/_/ \_, / 
    /_/                      /___/	v0.0.6
    
    		projectdiscovery.io
    
    Use with caution. You are responsible for your actions
    Developers assume no liability and are not responsible for any misuse or damage.
    HTTP Proxy Listening on 127.0.0.1:8888
    Socks5 Proxy Listening on 127.0.0.1:10080
    Saving traffic to logs
    2022/05/04 19:32:26 [001] INFO: Got request / localhost:8081 GET http://localhost:8081/
    GET http://localhost:8081/ HTTP/1.1
    Connection: close
    Accept: */*
    Accept-Encoding: gzip
    Accept-Language: en
    Connection: close
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
    
    2022/05/04 19:32:26 [001] INFO: Sending request GET http://localhost:8081/
    2022/05/04 19:32:26 [001] INFO: Received response 200 OK
    HTTP/1.0 200 OK
    Connection: close
    Content-Length: 1683
    Content-Type: text/html; charset=utf-8
    Date: Wed, 04 May 2022 16:32:26 GMT
    Server: SimpleHTTP/0.6 Python/3.9.12
    
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <title>Directory listing for /</title>
    </head>
    <body>
    <h1>Directory listing for /</h1>
    <hr>
    <ul>
    
    
    Type: Bug Status: Completed Priority: Medium 
    opened by forgedhallpass 4
  • Add support for -vv flag

    Add support for -vv flag

    Proposed changes

    This PR implements the -vv flag as described in https://github.com/projectdiscovery/proxify/issues/139.

    Currently there is only -v flag which shows the whole request and response body. The -vv flag is added and divides logging levels into two. The -v flag only shows request and response type, and the -vv flag also shows the response body. The -vv flag implicitly includes -v.

    Checklist

    • [x] Pull request is created against the dev branch
    • [ ] All checks passed (lint, unit/integration/regression tests etc.) with my changes
    • [ ] I have added tests that prove my fix is effective or that my feature works
    • [x] I have added necessary documentation (if appropriate)
    opened by mjkim610 3
  • Future Request - Support Multiple Upstream Proxies

    Future Request - Support Multiple Upstream Proxies

    Problem: Currently Proxify cant handle multiple upstream proxies at once. For example, running proxify -http-proxy http://127.0.0.1:8080 -http-proxy http://127.0.0.1:8081 -addr 127.0.0.1:8888 curl https://google.com -x 127.0.0.1:8888

    This will forward the request to last http-proxy provided via the command line. So in the above example, the curl would only use http://127.0.0.1:8081 as the upstream proxy.

    Suggested result: Ideally when specifying multiple upstream proxies, Proxify should forward the request to both proxies and subsequently forward both responses back to the client.

    Once this is implemented, another feature or cli argument can be created to specify how many requests to forward to one proxy, before switching to the other. The use case for this could be a proxy rotator that round-robins the requests based on a user provider integer. For example, adding a --count/-c argument.

    In this hypothetical example, proxfiy would forward one http request to one proxy before switching to the next proxy (optionally it could read from a file of http-proxies).

    proxify -http-proxy http://127.0.0.1:8080 -http-proxy http://127.0.0.1:8081 -addr 127.0.0.1:8888 -c 1 curl https://google.com -x 127.0.0.1:8888 >> forwards request to http://127.0.0.1:8081 curl https://google.com -x 127.0.0.1:8888 >> forwards request to http://127.0.0.1:8080 curl https://google.com -x 127.0.0.1:8888 >> forwards request to http://127.0.0.1:8081

    and so on.

    Type: Enhancement Status: Completed 
    opened by 0xtavian 3
  • Fixing match-replace logic

    Fixing match-replace logic

    Proposed changes

    This PR fixes #136 by overriding the original request/response properties with the DSL evaluated ones. For some weird reason, go1.18 passing a pointer of type *http.Request by reference to a nested sequence of functions causes some stack confusion, causing the original instance to be immutable.

    Checklist

    • [x] Pull request is created against the dev branch
    • [x] All checks passed (lint, unit/integration/regression tests etc.) with my changes
    • [ ] I have added tests that prove my fix is effective or that my feature works
    • [ ] I have added necessary documentation (if appropriate)

    Example

    Web Server

    $ simplehttpserver -verbose
    ...
    [2022-08-01 16:17:38]
    Remote Address: 127.0.0.1:50012
    GET / HTTP/1.1
    Host: localhost:8000
    Accept: */*
    Accept-Encoding: gzip
    User-Agent: firefox/7.79.1
    
    
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    Last-Modified: Fri, 17 Jun 2022 06:47:39 GMT
    

    Proxify

    $ proxify -request-match-replace-dsl "replace(request,'curl','firefox')" -v
    ...
    HTTP Proxy Listening on 127.0.0.1:8888
    Socks5 Proxy Listening on 127.0.0.1:10080
    Saving traffic to logs
    2022/08/01 16:17:22 [001] INFO: Got request / localhost:8888 GET /
    2022/08/01 16:17:38 [002] INFO: Got request / localhost:8000 GET http://localhost:8000/
    2022/08/01 16:17:38 [002] INFO: Sending request GET http://localhost:8000/
    2022/08/01 16:17:38 [002] INFO: Received response 200 OK
    2022/08/01 16:17:38 [002] INFO: Copying response to client 200 OK [200]
    2022/08/01 16:17:38 [002] INFO: Copied 101 bytes to client error=<nil>
    

    Curl

    $ curl http://localhost:8000 -x http://localhost:8888
    <pre>
    <a href=".DS_Store">.DS_Store</a>
    <a href="simplehttpserver.go">simplehttpserver.go</a>
    </pre>
    
    Type: Bug Status: Completed 
    opened by Mzack9999 2
  • Add support for -vv flag

    Add support for -vv flag

    Proposed changes

    This PR implements the -vv flag as described in https://github.com/projectdiscovery/proxify/issues/139.

    Checklist

    • [x] Pull request is created against the dev branch
    • [ ] All checks passed (lint, unit/integration/regression tests etc.) with my changes
    • [ ] I have added tests that prove my fix is effective or that my feature works
    • [x] I have added necessary documentation (if appropriate)
    opened by mjkim610 2
  • adding snapcraft deploy

    adding snapcraft deploy

    Proposed changes

    This PR adds snapcraft deploy support

    Checklist

    • [ ] Pull request is created against the dev branch
    • [ ] All checks passed (lint, unit/integration/regression tests etc.) with my changes
    • [ ] I have added tests that prove my fix is effective or that my feature works
    • [ ] I have added necessary documentation (if appropriate)
    Type: Enhancement 
    opened by Mzack9999 2
  • Fix for cert endpoint not working + Internal engine

    Fix for cert endpoint not working + Internal engine

    Proposed changes

    This PR fixes various issues in proxify engine causing side effects such as the cert endpoint not working or random failures during requests dispatching (draft)

    Checklist

    • [x] Pull request is created against the dev branch
    • [x] All checks passed (lint, unit/integration/regression tests etc.) with my changes
    • [ ] I have added tests that prove my fix is effective or that my feature works
    • [ ] I have added necessary documentation (if appropriate)

    Reproduction Steps

    • Run proxify:
    go run . -verbose
    
    • Run any client and point to proxify as the proxy:
    $ curl -x http://127.0.0.1:8888 https://192.168.1.1 -k -I
    HTTP/1.1 200 OK
    ...
    
    Type: Bug Status: Completed 
    opened by Mzack9999 2
  • Support for socks5 to socks5 proxy

    Support for socks5 to socks5 proxy

    I've been playing with this tool for a while, and just ran into an use case that I needed. In the current form only the following are allowed:

    • http to http
    • http to socks5

    It would be very useful to also allow: socks5 to socks5

    I already try running with: -addr socks5://192.168.255.10 and it complains about the formatting of my address and fails to start.

    Type: Enhancement Status: Completed 
    opened by gaby 2
  • add kafka module

    add kafka module

    send output to kafka and add kafka config params like ip:port,ip:port|topic.

    ip:port,ip:port is kafka cluster’s ip and port configuration after is topic.

    usage: ./proxify -output-kafka 192.168.1.1:9092,192.168.1.2:9092|stream.

    opened by Z000000 2
  • [Feature] Allow saving only requests or response when doing proxy

    [Feature] Allow saving only requests or response when doing proxy

    Actually , There Is One Issue While Saving The Requests And The Responses

    Screenshot_2020-12-27_02-04-33

    From The Previous Image There Is not an New Line Between Body Of The POST Request And First Line Of The Response e.g. log File Should Be Like This

    Screenshot_2020-12-27_02-15-37

    And If You Can Possible Add Feature To Save Only Request Without Response That Will Be a Great Because If Any One Can Use This Files With sqlmap Tool With Option -r OR fuff Tool With Option -request

    Type: Enhancement 
    opened by 0xAwali 2
  • How can i opearate a network applications that do not support working through proxy with proxy via  proxify

    How can i opearate a network applications that do not support working through proxy with proxy via proxify

    I am using WSL kali linux termux with the proxy client that serves proxy to the local host address i.e 172.x.x.x:9050.The issue i am facing with one Linux tool is its not working with that proxy till last month its supporting ,i don't know whether its stops supporting. How can i operate the application /tool with proxy via proxify.

    Thanks and Regards .

    opened by danksuperuser 1
  • chore(deps): bump alpine from 3.16.1 to 3.16.2

    chore(deps): bump alpine from 3.16.1 to 3.16.2

    Bumps alpine from 3.16.1 to 3.16.2.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    Type: Maintenance 
    opened by dependabot[bot] 0
  • Combine verbosity-related bool flags into single enum member variable

    Combine verbosity-related bool flags into single enum member variable

    Proposed changes

    Previously, there were 3 different bool flags related to verbosity. Having many member variables for values that should be mutually exclusive led to a bug where contradicting flags could be set. This caused unexpected behavior with regards to logging.

    This commit combines the bool flags into 1 enum flag. As a result, verbosity level is guaranteed to be mutually exclusive. This commit also adds validation of the verbosity flags and exits with an error msg.

    This PR resolves #146.

    Checklist

    • [x] Pull request is created against the dev branch
    • [ ] All checks passed (lint, unit/integration/regression tests etc.) with my changes
    • [ ] I have added tests that prove my fix is effective or that my feature works
    • [ ] I have added necessary documentation (if appropriate)
    opened by mjkim610 5
  • Log level flags are not validated

    Log level flags are not validated

    Proxify version:

    0.0.7

    Current Behavior:

    When both -silent and -v flags are set, most logs are turned off but resp body is printed.

    Expected Behavior:

    When both -silent and -v flags are set, proxify returns an error or exception.

    Steps To Reproduce:

    1. Run proxify -v -silent

    Anything else:

    Related discussion: https://github.com/projectdiscovery/proxify/discussions/145

    Type: Bug 
    opened by mjkim610 0
  • Make the verbosity option more granular

    Make the verbosity option more granular

    Using the -v flag with proxify, shows the whole request.

    It would be nice if -v would only show the target and the request type (e.g. HTTP POST https://projectdiscovery.io), and the body would only be shown if the -vv flag is specified.

    Note: -vv should implicitly include -v.

    Type: Enhancement Status: Completed 
    opened by forgedhallpass 0
  • The request match and replace DSL functionality does not work

    The request match and replace DSL functionality does not work

    proxify -request-match-replace-dsl "replace(request,'curl','firefox')" -v -hp http://localhost:8080
    curl google.com --proxy-insecure -x localhost:8888 -v -L
    

    In the verbose output of proxify the value seems to be changed, but not the actual request.

    image

    image

    image

    Type: Bug Status: Completed Status: Review Needed 
    opened by forgedhallpass 5
Releases(v0.0.7)
Owner
ProjectDiscovery
Security Through Intelligent Automation
ProjectDiscovery
HTTP API traffic recording and replay middleware based on GoReplay, can be used for migration and refactoring testing

gorc HTTP API traffic recording and replay middleware based on GoReplay, can be used for migration and refactoring testing. English | 中文 Requirements

Jioby 2 Feb 13, 2022
A simple network analyzer that capture http network traffic

httpcap A simple network analyzer that captures http network traffic. support Windows/MacOS/Linux/OpenWrt(x64) https only capture clienthello colorful

null 1 Nov 24, 2021
dumpr! is a tool to capture text based tcp traffic from the receivers point of view.

dumpr! dumpr! is a tool to capture text based tcp traffic. The project came about for the need to capture a web request from the back end. It was also

null 2 Dec 4, 2021
A CLI-based HTTP intercept and replay proxy

GLORP Glorp is an HTTP intercept proxy, allowing the inspection and replaying of HTTP requests. The layout and flow was designed to function similar t

DoI 214 Jul 20, 2022
Capdns is a network capture utility designed specifically for DNS traffic. This utility is based on tcpdump.

Capdns is a network capture utility designed specifically for DNS traffic. This utility is based on tcpdump. Some of its features include: Unde

Infvie Envoy 10 Feb 26, 2022
[WIP] gg is a portable tool to redirect the traffic of a given program to your modern proxy without installing any other programs.

gg gg (go-graft), was inspired by graftcp. go-graft is a pure golang implementation with more useful features. TODO: Use system DNS as the fallback. R

mzz 196 Aug 11, 2022
Record and replay a go net.Conn, mosting for testing.

fakeconn Record and replay a go net.Conn, mostly for testing and debugging. This package isn't finished, so you probably shouldn't use it. Recording f

null 0 Dec 5, 2021
Http-logging-proxy - A HTTP Logging Proxy For Golang

http-logging-proxy HTTP Logging Proxy Description This project builds a simple r

null 3 Aug 1, 2022
Reverse proxy server to filter traffic based on JA3 fingerprint/hash

JA3RP (JA3 Reverse Proxy) Ja3RP is a basic reverse proxy server that filters traffic based on JA3 fingerprints. It can also operate as a regular HTTP

Sleeyax 15 Jul 18, 2022
Simple TCP proxy to visualise NATS client/server traffic

NATS uses a simple publish/subscribe style plain-text protocol to communicate between a NATS Server and its clients. Whilst this connection should remain opaque to the user, it can be quite handy to see the data being passed from time to time - this tool does just that (it also saves me loading Wireshark and filtering the NATS traffic).

Joseph Woodward 0 Jan 15, 2022
🐉 Simple WireGuard proxy with minimal overhead for WireGuard traffic.

swgp-go ?? Simple WireGuard proxy with minimal overhead for WireGuard traffic. Proxy Modes 1. Zero overhead Simply AES encrypt the first 16 bytes of a

null 31 Aug 10, 2022
A simple tool to convert socket5 proxy protocol to http proxy protocol

Socket5 to HTTP 这是一个超简单的 Socket5 代理转换成 HTTP 代理的小工具。 如何安装? Golang 用户 # Required Go 1.17+ go install github.com/mritd/[email protected] Docker 用户 docker pull m

mritd 8 Aug 4, 2022
This is a tool that will proxy simple HTTPS requests to an external HTTP endpoint

AcmeShield A secured HTTP proxy that forwards requests from a remote service(Postman). This is a tool that will proxy simple HTTPS requests to an exte

Octavio Cano 1 Mar 21, 2022
Goproxy - HTTP/HTTPS Forward and Reverse Proxy

Go HTTP(s) Forward/Reverse Proxy This is intended to provide the proxy for the goproxy frontend. It is currently a work in progress, and is not very s

David Christenson 0 Jan 4, 2022
Websockify-go - A reverse proxy that support tcp, http, https, and the most important, noVNC, which makes it a websockify

websockify-go | mproxy a reverse proxy that support tcp, http, https, and the mo

null 2 Mar 19, 2022