吾爱破解 - 52pojie.cn

 找回密码
 注册[Register]

QQ登录

只需一步,快速开始

查看: 4845|回复: 25
收起左侧

[Network Analyzer] 工具发布:Xepor,Web 流量自动化篡改 framework

  [复制链接]
ttimasdf 发表于 2022-3-21 15:52
项目地址: https://github.com/xepor/xepor

个人做的一款框架类工具,一款 Web 流量自动化篡改 framework。用户无感知免 root 全流量抓包,十行代码过云端授权,一百行代码过视频加密。用例文档API说明啥啥都有,欢迎点个 star。​

由于项目本身的特性,使用它需要用户结合实际渗透目标编写脚本实现具体功能,存在一定的学习门槛,为了方便大家上手,特意准备了一些简单的实例。包括:

  • 以 httpbin 为例演示简单的请求、返回值监听篡改
  • 以某软件为例破解云端授权验证
  • 以某网站为例,监听、解密、保存加密的视频流


用例位于: xepor/xepor-examples: Examples for using Xepor framework https://github.com/xepor/xepor-examples

以下引用项目介绍(最近文档写太多了我就不翻译了):

Xepor

Xepor (pronounced /ˈzɛfə/, zephyr), a web routing framework for reverse engineers and security researchers.
It provides a Flask-like API for hackers to intercept and modify HTTP request and/or HTTP response in a human-friendly coding style.

This project is meant to be used with mitmproxy. User write scripts with xepor, and run the script inside mitmproxy with mitmproxy -s your-script.py.

If you want to step from PoC to production, from demo(e.g. http-reply-from-proxy.py, http-trailers.py, http-stream-modify.py) to something you could take out with your WiFi Pineapple, then Xepor is for you!

Features

  1. Code everything with @api.route(), just like Flask! Write everything in one script and no if..else any more.
  2. Handle multiple URL routes, even multiple hosts in one InterceptedAPI instance.
  3. For each route, you can choose to modify the request before connecting to server (or even return a fake response without connection to upstream), or modify the response before forwarding to user.
  4. Blacklist mode or whitelist mode. Only allow URL endpoints defined in scripts to connect to upstream, blocking everything else (in specific domain) with HTTP 404. Suitable for transparent proxying.
  5. Human readable URL path definition and matching powered by parse
  6. Host remapping. define rules to redirect to genuine upstream from your fake hosts. Regex matching is supported. Best for SSL stripping and server side license cracking!
  7. Plus all the bests from mitmproxy! ALL operation modes ( mitmproxy / mitmweb + regular / transparent  / socks5 / reverse:SPEC / upstream:SPEC) are fully supported.

Use Case

  1. Evil AP and phishing through MITM.
  2. Sniffing traffic from specific device by iptables + transparent proxy, modify the payload with xepor on the fly.
  3. Cracking cloud based software license. See examples/krisp/ as an example.
  4. Write complicated web crawler in \~100 lines of codes. See examples/polyv_scrapper/ as an example.
  5. ... and many more.

SSL stripping is NOT provided by this project.

Installation

pip install xepor

免费评分

参与人数 5吾爱币 +6 热心值 +5 收起 理由
pk8900 + 3 + 1 感谢发布原创作品,吾爱破解论坛因你更精彩!
菜鸟2016 + 1 + 1 我很赞同!
笙若 + 1 + 1 谢谢@Thanks!
blwwst + 1 + 1 热心回复!
488789935ty + 1 我很赞同!

查看全部评分

发帖前要善用论坛搜索功能,那里可能会有你要找的答案或者已经有人发布过相同内容了,请勿重复发帖。

 楼主| ttimasdf 发表于 2022-3-22 10:29
慵懒丶L先森 发表于 2022-3-21 23:17
感谢开源,不知道是不是和BurpSuite/ZAP一样的原理,还是再更上一层进行流量转发

原理一样,但xepor是一个提高自动化改报文效率的API框架。

burp就没有自动化的功能,ZAP的API偏向于对GUI功能的封装,改数据包这一块没啥能好用的API。Fiddler和mitmproxy的脚本功能类似,只能在报文里一个一个字段去手动判断,封装的不够。
pansophy 发表于 2022-3-21 17:16
488789935ty 发表于 2022-3-21 17:34
NumCL 发表于 2022-3-21 17:45
感谢分享,我去学习学习
wdajsh 发表于 2022-3-21 18:02
x学习一下
glorymusic 发表于 2022-3-21 18:13
感谢分享,值得学习深入~!~~!~!~
LuoJunJunJun 发表于 2022-3-21 18:36

有用,感谢楼主分享CB
canlei 发表于 2022-3-21 19:35
好东西,有玩具可以研究了
junjun001 发表于 2022-3-21 20:27
这个主要能用来干嘛啊
xuexiba 发表于 2022-3-21 20:35
高手,感谢分享。
您需要登录后才可以回帖 登录 | 注册[Register]

本版积分规则

返回列表

RSS订阅|小黑屋|处罚记录|联系我们|吾爱破解 - LCG - LSG ( 京ICP备16042023号 | 京公网安备 11010502030087号 )

GMT+8, 2024-12-23 00:53

Powered by Discuz!

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表