{"id":37958150,"url":"https://github.com/adrgs/requestrepo","last_synced_at":"2026-01-16T18:01:49.578Z","repository":{"id":109464166,"uuid":"583054436","full_name":"adrgs/requestrepo","owner":"adrgs","description":"Analyze HTTP and DNS requests and create custom DNS records for your subdomain","archived":false,"fork":false,"pushed_at":"2026-01-14T15:43:46.000Z","size":3391,"stargazers_count":475,"open_issues_count":7,"forks_count":27,"subscribers_count":4,"default_branch":"main","last_synced_at":"2026-01-14T19:17:00.267Z","etag":null,"topics":["burp-collaborator","dns","http","interactsh","webhook"],"latest_commit_sha":null,"homepage":"https://requestrepo.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adrgs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-12-28T16:18:09.000Z","updated_at":"2026-01-08T11:05:18.000Z","dependencies_parsed_at":"2024-01-13T23:45:10.433Z","dependency_job_id":"7853186e-476d-48e7-aafc-0af37f1d5328","html_url":"https://github.com/adrgs/requestrepo","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/adrgs/requestrepo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adrgs%2Frequestrepo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adrgs%2Frequestrepo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adrgs%2Frequestrepo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adrgs%2Frequestrepo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adrgs","download_url":"https://codeload.github.com/adrgs/requestrepo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adrgs%2Frequestrepo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28480513,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["burp-collaborator","dns","http","interactsh","webhook"],"created_at":"2026-01-16T18:01:49.453Z","updated_at":"2026-01-16T18:01:49.559Z","avatar_url":"https://github.com/adrgs.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# requestrepo.com\n\n\u003cimg src=\"https://i.imgur.com/RIl2c1C.png\" width=\"420\"\u003e\n\n[![CI/CD](https://github.com/adrgs/requestrepo/actions/workflows/quality-checks.yml/badge.svg)](https://github.com/adrgs/requestrepo/actions/workflows/quality-checks.yml)\n\nA tool for analyzing HTTP, DNS, and SMTP requests with custom DNS records and response files.\n\n## Features\n\n- **Multi-protocol logging**: Capture HTTP, DNS, and SMTP requests in real-time\n- **Custom DNS records**: Create A, AAAA, CNAME, and TXT records for your subdomain\n- **Custom response files**: Define custom HTTP responses with headers and body\n- **Real-time updates**: WebSocket-based live request streaming\n- **Auto-TLS**: Automatic HTTPS certificates via Let's Encrypt (DNS-01 challenge)\n- **IP Geolocation**: Country detection for incoming requests (via DB-IP)\n- **Request sharing**: Share individual requests via secure tokens\n- **Admin authentication**: Optional password protection for session creation\n- **No external dependencies**: In-memory cache with LRU eviction (no Redis required)\n\n## Quick Start\n\nRun RequestRepo with Docker:\n\n```bash\ndocker run -d \\\n  --name requestrepo \\\n  -p 80:80 -p 443:443 -p 53:53/udp -p 53:53/tcp -p 25:25 \\\n  -e JWT_SECRET=your-secret-key-min-32-chars \\\n  -e DOMAIN=yourdomain.com \\\n  -e SERVER_IP=your.server.ip \\\n  -e TLS_ENABLED=true \\\n  -e ACME_EMAIL=admin@yourdomain.com \\\n  -v requestrepo-certs:/app/certs \\\n  ghcr.io/adrgs/requestrepo:latest\n```\n\nThis starts all services: HTTP (80), HTTPS (443), DNS (53), SMTP (25).\n\n## Using Docker Compose\n\n### Production (Pull from Registry)\n\n```sh\ngit clone --depth 1 https://github.com/adrgs/requestrepo.git\ncd requestrepo\ncp .env.example .env  # Edit .env with your settings\n\n# Use production image from ghcr.io\ndocker compose -f docker-compose.yml up -d\n```\n\n### Development (Build Locally)\n\n```sh\ngit clone https://github.com/adrgs/requestrepo.git\ncd requestrepo\ncp .env.example .env\n\n# Build and run locally (uses docker-compose.override.yml automatically)\ndocker compose up -d --build\n```\n\nThis starts all services:\n- HTTP server on port 80\n- HTTPS server on port 443 (with auto-TLS)\n- DNS server on port 53\n- SMTP server on port 25\n\n## DNS Configuration\n\nFor DNS logging to work, configure your domain's nameserver to point to your server.\n\n### Root Domain Setup\n\nDedicate the entire domain to requestrepo (e.g., `requestrepo.com`):\n\n| Record Type | Name  | Value             |\n| ----------- | ----- | ----------------: |\n| NS          | `@`   | `ns1.example.com` |\n| A           | `ns1` | `\u003cSERVER_IP\u003e`     |\n\n### Subdomain Setup\n\nRun requestrepo on a subdomain (e.g., `rr.example.com`):\n\n| Record Type | Name  | Value             |\n| ----------- | ----- | ----------------: |\n| NS          | `rr`  | `ns1.example.com` |\n| A           | `ns1` | `\u003cSERVER_IP\u003e`     |\n\nFor subdomain setups behind a reverse proxy, ensure:\n1. The `Host` header is preserved\n2. WebSocket support is enabled for `/api/v2/ws`\n\n## IP Geolocation\n\nThe Docker image includes the [DB-IP](https://db-ip.com/db/download/ip-to-country-lite) country database by default. For local development without Docker, download manually:\n\n```sh\nmkdir -p ip2country/vendor\ncurl -o ip2country/vendor/dbip-country-lite.csv.gz \\\n  \"https://download.db-ip.com/free/dbip-country-lite-$(date +%Y-%m).csv.gz\"\n```\n\n## Development\n\n### Prerequisites\n\n- [Rust](https://rustup.rs/) 1.75+\n- [Bun](https://bun.sh/) 1.0+\n- Docker (optional, for deployment)\n\n### Installation\n\n```sh\nmake install\n```\n\n### Starting Services\n\n```sh\n# Start backend (Rust)\nmake start-backend\n\n# Start frontend (React/Vite)\nmake start-frontend\n```\n\n### Available Commands\n\n| Command | Description |\n|---------|-------------|\n| `make install` | Install all dependencies and git hooks |\n| `make start-backend` | Start Rust backend server |\n| `make start-frontend` | Start React development server |\n| `make build` | Build Rust backend (release mode) |\n| `make test` | Run all tests |\n| `make lint` | Run linters (clippy + eslint) |\n| `make format` | Format code (rustfmt + prettier) |\n| `make docker-build` | Build Docker image |\n| `make docker-up` | Start Docker containers |\n| `make docker-down` | Stop Docker containers |\n\n## Architecture\n\n```\nrequestrepo/\n├── src/                 # Rust backend\n│   ├── cache/          # In-memory LRU cache\n│   ├── certs/          # TLS/ACME certificate management\n│   ├── dns/            # DNS server\n│   ├── http/           # HTTP/HTTPS server + REST API\n│   ├── smtp/           # SMTP server\n│   └── utils/          # JWT, config, helpers\n├── frontend/           # React frontend\n│   ├── src/\n│   │   ├── components/ # UI components\n│   │   ├── pages/      # Page components\n│   │   ├── stores/     # Zustand state stores\n│   │   └── hooks/      # Custom React hooks\n│   └── ...\n└── ip2country/         # IP geolocation database\n```\n\n## Environment Variables\n\nSee [.env.example](.env.example) for all available options.\n\n| Variable | Required | Default | Description |\n|----------|----------|---------|-------------|\n| `JWT_SECRET` | Yes | - | Secret key for JWT signing (min 32 chars) |\n| `DOMAIN` | Yes | - | Base domain (e.g., `requestrepo.com`) |\n| `SERVER_IP` | Yes | - | Public IP for DNS responses |\n| `ADMIN_TOKEN` | No | - | Password for session creation |\n| `TLS_ENABLED` | No | `false` | Enable HTTPS with Let's Encrypt |\n| `ACME_EMAIL` | No | - | Email for Let's Encrypt (required if TLS enabled) |\n| `HTTP_PORT` | No | `80` | HTTP server port |\n| `HTTPS_PORT` | No | `443` | HTTPS server port |\n| `DNS_PORT` | No | `53` | DNS server port |\n| `SMTP_PORT` | No | `25` | SMTP server port |\n| `SENTRY_DSN_BACKEND` | No | - | Sentry DSN for backend error tracking |\n| `SENTRY_DSN_FRONTEND` | No | - | Sentry DSN for frontend error tracking |\n| `CACHE_MAX_MEMORY_PCT` | No | `0.7` | Max cache memory as % of container limit |\n| `MAX_SUBDOMAIN_SIZE_MB` | No | `10` | Max storage per subdomain |\n| `MAX_REQUEST_BODY_MB` | No | `10` | Max HTTP request body size |\n| `SESSION_RATE_LIMIT` | No | `10` | Max sessions per IP per window |\n| `SESSION_RATE_WINDOW_SECS` | No | `60` | Rate limit window in seconds |\n| `ALLOW_ALL_HEADERS` | No | `false` | Allow dangerous headers (e.g., Service-Worker-Allowed) |\n| `RUST_LOG` | No | `info` | Log level (trace, debug, info, warn, error) |\n\n## Interface\n\n![requestrepo demo](https://i.imgur.com/pzn8O18.png)\n\n## Security Acknowledgments\n\nThank you to the following researchers for responsibly disclosing security issues:\n\n- [debsec](https://x.com/deb_security) - LFI via improper path handling\n- [JaGoTu](https://infosec.exchange/@jagotu) - DoS via unrestricted file upload\n- [m0z](https://x.com/LooseSecurity) - LFI via session subdomain\n- [Jorian](https://x.com/J0R1AN) - Session hijacking via Service-Worker-Allowed header\n\n## Contributing\n\nPlease read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct and the process for submitting pull requests.\n\n## License\n\nIf you find this project useful, please consider giving it a star on GitHub.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadrgs%2Frequestrepo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadrgs%2Frequestrepo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadrgs%2Frequestrepo/lists"}