replayproxy

Free

replayproxy allows you to 're-live' an HTTP session which has been captured in a .pcap file (e.g. in Wireshark). It parses the HTTP streams, caches them, and starts an HTTP proxy. It then replies to HTTP requests with the matching response from the .pcap, ignoring all other requests.

Usage:

    replayproxy.py [-h] [-H HOST] [-p PORT] [-v[v]] FILENAME

Arguments:

    -h|--help   Show usage information
    -H HOST     IP to start the proxy on (DEFAULT: 127.0.0.1)
    -p PORT     Port to listen on (DEFAULT: 3128)
    -v[v]       Verbose output (DEFAULT: log only ERRORs, -v = INFO, -vv = DEBUG)
    FILENAME    Path to the .pcap file to parse (required)

Normal usage:

- Obtain a .pcap file containing the captured HTTP session (e.g. using tcpdump or Wireshark)
- Run replayproxy to start the HTTP proxy (see details above)
- Configure your browser to use the proxy settings (IP & port) on which replayproxy is running
- Browse to the site that was captured

To get you started, test.pcap in this repository contains a capture of a visit to http://www.honeynet.org

Dependencies:

ALTERNATIVES

Automated signature creation using honeypots for network intrusion detection systems.

Open source framework for network traffic analysis with advanced features.

A module for loading Bro logs as tables in Osquery

A next-generation intrusion prevention system that combines signature-based and behavioral detection techniques to identify and block sophisticated network threats across hybrid environments.

JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.

Django based web application for network traffic analysis with protocol handling capabilities.

A free DNS recursive service that blocks malicious host names and protects user privacy.

DOS attack by sending fake BPDUs to disrupt switches' STP engines.
