sslsplit
ecapture
Our great sponsors
| sslsplit | ecapture | |
|---|---|---|
| 3 | 9 | |
| 1,722 | 8,173 | |
| - | 3.4% | |
| 5.3 | 9.2 | |
| 9 months ago | 3 days ago | |
| C | C | |
| BSD 2-clause "Simplified" License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
sslsplit
- interesting
-
ARP poisoning & listening
You can, but as pointed out previously, if your certs are not trusted by your target their browser will flag/throw cert errors (that doesn't mean that they can't still proceed with accessing the website). Look at sslsplit: https://github.com/droe/sslsplit
- droe/sslsplit - Transparent SSL/TLS interception
ecapture
- Capture SSL/TLS text content without CA cert using eBPF. supports Linux/Android x86_64/Aarch64.
-
eCapture: capture HTTPS traffic without CA certificates on Android/Linux using Golang.
The answer is YES. eCapture for Android can help you capture HTTPS packets on Android without the trivial settings. and also support Linux Kernel.
-
Go based eBPF projects
eCapture : Capture SSL/TLS text content without CA certificate Using eBPF
-
Kubeshark: The API Traffic Viewer for Kubernetes
One option is to use ebpf uprobes to dump the key material or plaintext (https://github.com/ehids/ecapture ). Should be easy for c-like TLS libraries probably less useful for JIT languages.
-
Can eBPF be used to measure and trace http 502 504
Other standalone project it https://github.com/ehids/ecapture which might be helpful
- ecapture: capture SSL/TLS text content without CA cert using eBPF.
- Ecapture: Capture and Decode TLS with eBPF
- Capture SSL/TLS text content without CA cert by eBPF
What are some alternatives?
SSLproxy - Transparent SSL/TLS proxy for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection
ssldump - ssldump - (de-facto repository gathering patches around the cyberspace)
e2guardian - E2guardian is a web content filter that can work in proxy, transparent or icap server modes
merecat - Small and made-easy HTTP/HTTPS server based on Jef Poskanzer's thttpd
libresbc - An open source Session Border Controller 🌟 The SBC you dream about 🗽 LibreSBC will help you save thousands of dollars.
wolfssl - The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!
miniupnp - UPnP IGD implementation
golang-tls - Simple Golang HTTPS/TLS Examples
NetCoreServer - Ultra fast and low latency asynchronous socket server & client C# .NET Core library with support TCP, SSL, UDP, HTTP, HTTPS, WebSocket protocols and 10K connections problem solution
ssl-handshake - A command-line tool for testing SSL/TLS handshake latency, written in Go.
Kore - An easy to use, scalable and secure web application framework for writing web APIs in C or Python. || This is a read-only mirror, please see https://kore.io/mail and https://kore.io/source for information on how to contribute via the mailing lists.
pixie - Instant Kubernetes-Native Application Observability