ScanCannon
A tool for discovering and enumerating external attack surfaces
replayproxy allows you to 're-live' a HTTP session which has been captured in a .pcap file (e.g. in Wireshark). It parses the HTTP streams, caches them, and starts a HTTP proxy. It then replies to HTTP requests with the matching response from the .pcap, ignoring all other requests. Usage: replayproxy.py [-h] [-H HOST] [-p PORT] [-v[v]] FILENAME Arguments: -h|--help Show usage information -H HOST IP to start the proxy on (DEFAULT: 127.0.0.1) -p PORT Port to listen on (DEFAULT: 3128) -v[v] Verbose output (DEFAULT: log only ERRORs, -v = INFO, -vv = DEBUG) FILENAME Path to the .pcap file to parse (required) Normal usage: - Obtain a .pcap file containing the captured HTTP session (e.g. using tcpdump or Wireshark) - Run replayproxy to start the HTTP proxy (see details above) - Configure your browser to use the proxy settings (IP & port) on which replayproxy is running - Browse to the site that was captured To get you started, test.pcap in this repository contains a capture of a visit to http://www.honeynet.org Dependencies:
A tool for discovering and enumerating external attack surfaces
A tool for extracting files from network traffic based on file signatures with support for various file formats and scalable search algorithm.
A website scanner that provides a sandbox for the web, allowing users to scan URLs and websites for potential threats and vulnerabilities.
A simple text viewer for Prompt(1) sessions
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
Comprehensive guide for Iptables configuration and firewall rules.