Proxy tool in Kali
1.Mitmproxy
Features:
An intermediary agent tool
Intercept HTTP requests and responses and modify
Save and analyze the data of the entire HTTP request
Delay the client's request and response
Various proxy functions
You can use Python to make some script modifications
SSL certificate support, can support HTTPS request
application:
C:\root> mitmproxy -p 8800
Click on one of them to view detailed information
Enter q to return to the host page
2.Owasp-zap
Owasp Zed Attack Proxy Project (ZAP for short) is a comprehensive penetration testing tool for finding vulnerabilities in web applications. It includes functions such as blocking proxy, automatic processing, passive processing, brute force cracking, port scanning, and spider search.
Owasp ZAP is a session debugging tool. The debugging function does not initiate a large number of requests to the website and has little impact on the server.
Fill in the proxy address in this place
Let's go to Firefox to view the webpage, we can see that there is already
We can right-click to have some functions for us to use
3.Paros
Paros proxy, this is a proxy program that evaluates the vulnerabilities of web applications, that is, a Java-based web proxy program that can evaluate the vulnerabilities of web applications.
It supports dynamic editing/viewing of HTTP/HTTPS, thereby changing items such as cookies and form fields. It includes a web communication recorder, web spider, hash calculator, and a scanner that can test common web application attacks (such as SQL injection attacks and cross-site scripting attacks). The tool checks for vulnerabilities in the form of SQL injection, cross-site scripting attacks, directory traversal, etc.
Generally, you need to configure the certificate to access the https website. Please understand how to get the certificate.
Then you can monitor.
4.BurpSutite
Everyone should be very familiar with this, I don’t have more bb
I won't say much about the rest. In fact, these tools are very similar. I personally feel that the tools are just a supplementary function. It is enough to use a few skillfully.