PETEP (PEnetration TEsting Proxy) Logo

PETEP (PEnetration TEsting Proxy)

0
Free
Visit Website

PETEP (PEnetration TEsting Proxy) is an open-source Java application for creating proxies for traffic analysis & modification. The main goal of PETEP is to provide a useful tool for performing penetration tests of applications with various protocols (on TCP/UDP) by setting up proxies and interceptors to manage the traffic transmitted between the client and the server. Links 🌐 Official Website: [Link](official_website) 🔽 Download: [Link](download) 📖 User Guide: [Link](user_guide) 📚 Methodology: [Link](methodology) 👩‍💻 Developer Guide: [Link](developer_guide) 🎬 Youtube PETEP - Tutorial (TCP Proxy for Hacking) Installation & Usage Requirements: Java 11+ (for M1, M2 Mac use Java 17+) Running PETEP for the first time: - Download latest PETEP release - Extract PETEP zip file - Run PETEP using petep.sh (Linux, Mac) or petep.bat (Windows) # Linux / Mac chmod +x petep.sh ./petep.sh # Windows petep.bat Tip: Provided run scripts contain useful variables, including the working directory (for petep.json file) and the path to the Java executable. You might need to change it if you do not have it in PATH or you use multiple Java versions on your machine. Setting up your first project: - Start PETEP - Create a new project using the FULL preset and click Run - In Settings, set up TCP/UDP proxy and optionally configure interceptors - Click

FEATURES

ALTERNATIVES

SharpShares efficiently enumerates and maps network shares and resolves names within a domain.

A blog post discussing the often overlooked dangers of CSV injection in applications.

A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement

A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.

A specification/framework for extending default C2 communication channels in Cobalt Strike

Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.

A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.

A powerful enumeration tool for discovering assets and subdomains.

PINNED