replayproxy
replayproxy allows you to 're-live' a HTTP session which has been captured in a .pcap file (e.g. in Wireshark). It parses the HTTP streams, caches them, and starts a HTTP proxy. It then replies to HTTP requests with the matching response from the .pcap, ignoring all other requests. Usage: replayproxy.py [-h] [-H HOST] [-p PORT] [-v[v]] FILENAME Arguments: -h|--help Show usage information -H HOST IP to start the proxy on (DEFAULT: 127.0.0.1) -p PORT Port to listen on (DEFAULT: 3128) -v[v] Verbose output (DEFAULT: log only ERRORs, -v = INFO, -vv = DEBUG) FILENAME Path to the .pcap file to parse (required) Normal usage: - Obtain a .pcap file containing the captured HTTP session (e.g. using tcpdump or Wireshark) - Run replayproxy to start the HTTP proxy (see details above) - Configure your browser to use the proxy settings (IP & port) on which replayproxy is running - Browse to the site that was captured To get you started, test.pcap in this repository contains a capture of a visit to http://www.honeynet.org Dependencies:
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A Bluetooth 5 and 4.x sniffer using TI CC1352/CC26x2 hardware with advanced features and Python-based host-side software.
A free DNS recursive service that blocks malicious host names and protects user privacy.
A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
A free, open-source network protocol analyzer for capturing and displaying packet-level data.
WiGLE.net is a platform that collects and provides data on WiFi networks and cell towers, with over 1.3 billion networks collected.
NBD (Network Block Device) is a network protocol implementation that allows clients to access remote block devices over a network as if they were local storage.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.