Proxy tool in Kali

Others 2021-02-27 09:22:22 views: null

Proxy tool in Kali

 

1.Mitmproxy

Features:

An intermediary agent tool

Intercept HTTP requests and responses and modify

Save and analyze the data of the entire HTTP request

Delay the client's request and response

Various proxy functions

You can use Python to make some script modifications

SSL certificate support, can support HTTPS request

 

application:

C:\root> mitmproxy -p 8800

 

 

Click on one of them to view detailed information

 

Enter q to return to the host page

 

2.Owasp-zap

 

Owasp Zed Attack Proxy Project (ZAP for short) is a comprehensive penetration testing tool for finding vulnerabilities in web applications. It includes functions such as blocking proxy, automatic processing, passive processing, brute force cracking, port scanning, and spider search.

 

Owasp ZAP is a session debugging tool. The debugging function does not initiate a large number of requests to the website and has little impact on the server.

 

Fill in the proxy address in this place

 

Let's go to Firefox to view the webpage, we can see that there is already

 

 

 

We can right-click to have some functions for us to use

 

 

3.Paros

 

       Paros proxy, this is a proxy program that evaluates the vulnerabilities of web applications, that is, a Java-based web proxy program that can evaluate the vulnerabilities of web applications.

       It supports dynamic editing/viewing of HTTP/HTTPS, thereby changing items such as cookies and form fields. It includes a web communication recorder, web spider, hash calculator, and a scanner that can test common web application attacks (such as SQL injection attacks and cross-site scripting attacks). The tool checks for vulnerabilities in the form of SQL injection, cross-site scripting attacks, directory traversal, etc.

Generally, you need to configure the certificate to access the https website. Please understand how to get the certificate.

Then you can monitor.

4.BurpSutite

Everyone should be very familiar with this, I don’t have more bb

 

I won't say much about the rest. In fact, these tools are very similar. I personally feel that the tools are just a supplementary function. It is enough to use a few skillfully.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Guess you like

Origin blog.csdn.net/weixin_43198291/article/details/112142797
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com