WSSiP
Short for "WebSocket/Socket.io Proxy", this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view all WebSocket and Socket.IO communications between the client and server. Upstream proxy support also means you can forward HTTP/HTTPS traffic to an intercepting proxy of your choice (e.g. Burp Suite or Pappy Proxy) but view WebSocket traffic in WSSiP. There is an outward bridge via HTTP to write a fuzzer in any language you choose to debug and fuzz for security vulnerabilities. See Fuzzing for more details. Written and maintained by Samantha Chalker (@thekettu). Icon for WSSiP release provided by @dragonfoxing. Installation From Packaged Application See Releases. From npx via npm (for CLI commands) Run the following in your command line: npx wssip. From Source Using a command line: # Clone repository locally git clone https://github.com/nccgroup/wssip # Change to the directory cd wssip # If you are developing for WSSiP: # npm i # If not... (as to minimize disk space): npm i electron npm i --production # Yarn version: # yarn add electron # yarn install
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
Tor Browser is a free and open-source software that allows users to browse the internet anonymously and privately.
NBD is a user-space network protocol for sharing block devices over a network, allowing clients to access block devices on a server as if they were local.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
A Bluetooth 5 and 4.x sniffer using TI CC1352/CC26x2 hardware with advanced features and Python-based host-side software.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.