{"id":28640559,"url":"https://github.com/anof-cyber/interceptsuite","last_synced_at":"2025-06-12T20:07:12.293Z","repository":{"id":296411892,"uuid":"988587257","full_name":"Anof-cyber/InterceptSuite","owner":"Anof-cyber","description":"A powerful SOCKS5 proxy based network traffic interception tool for Windows that enables TLS/SSL inspection, analysis, and manipulation at the network level.","archived":false,"fork":false,"pushed_at":"2025-06-06T20:19:32.000Z","size":4170,"stargazers_count":64,"open_issues_count":2,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-06T20:26:58.406Z","etag":null,"topics":["cybersecurity","interceptor","network-analysis","network-security","pentesting","socks5","tcp","tls","windows"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Anof-cyber.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-22T19:13:15.000Z","updated_at":"2025-06-05T22:00:47.000Z","dependencies_parsed_at":"2025-05-30T20:32:57.127Z","dependency_job_id":"0ed5adad-0eeb-4610-a345-42df37eee560","html_url":"https://github.com/Anof-cyber/InterceptSuite","commit_stats":null,"previous_names":["anof-cyber/interceptsuite"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/Anof-cyber/InterceptSuite","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anof-cyber%2FInterceptSuite","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anof-cyber%2FInterceptSuite/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anof-cyber%2FInterceptSuite/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anof-cyber%2FInterceptSuite/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Anof-cyber","download_url":"https://codeload.github.com/Anof-cyber/InterceptSuite/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Anof-cyber%2FInterceptSuite/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259522110,"owners_count":22870449,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","interceptor","network-analysis","network-security","pentesting","socks5","tcp","tls","windows"],"created_at":"2025-06-12T20:07:10.907Z","updated_at":"2025-06-12T20:07:12.282Z","avatar_url":"https://github.com/Anof-cyber.png","language":"C","funding_links":["https://github.com/sponsors/Anof-cyber","https://www.buymeacoffee.com/AnoF"],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"logo.png\" alt=\"InterceptSuite Logo\" width=\"120\"/\u003e\n\n# 🛡️ InterceptSuite\n\n### *TLS/SSL Traffic Interception \u0026 Analysis*\n*Protocol-agnostic network traffic inspection that goes beyond traditional HTTP-only tools*\n\u003c/div\u003e\n\n\n\n![Tauri](https://img.shields.io/badge/Tauri-FFC131?style=for-the-badge\u0026logo=tauri\u0026logoColor=black)\n![Rust](https://img.shields.io/badge/Rust-000000?style=for-the-badge\u0026logo=rust\u0026logoColor=white)\n![C](https://img.shields.io/badge/C-00599C?style=for-the-badge\u0026logo=c\u0026logoColor=white)\n[![Build Status](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/rust-tauri.yml/badge.svg)](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/rust-tauri.yml)\n[![C InterceptSuite Build](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/Build-Lib.yml/badge.svg)](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/Build-Lib.yml)\n[![Linux Release Build](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/release-linux.yml/badge.svg)](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/release-linux.yml)\n[![macOS Release Build](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/release-macos.yml/badge.svg)](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/release-macos.yml)\n[![Windows Release Build](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/release-windows.yml/badge.svg)](https://github.com/Anof-cyber/InterceptSuite/actions/workflows/release-windows.yml)\n[![Downloads](https://img.shields.io/github/downloads/anof-cyber/InterceptSuite/total)](https://github.com/anof-cyber/InterceptSuite/releases)\n[![License](https://img.shields.io/github/license/anof-cyber/InterceptSuite)](LICENSE)\n[![Stars](https://img.shields.io/github/stars/anof-cyber/InterceptSuite)](https://github.com/anof-cyber/InterceptSuite)\n\n![Platform Support](https://img.shields.io/badge/Platform-Windows%20%7C%20Linux%20%7C%20macOS-purple)\n![Tauri](https://img.shields.io/badge/GUI-Tauri%20%2B%20Rust-orange)\n![Protocol](https://img.shields.io/badge/Protocol-SOCKS5-blue)\n\n\n\n---\n\n## 🌟 Overview\n\n**InterceptSuite** is a cross-platform network traffic interception tool engineered for comprehensive TLS/SSL inspection, analysis, and manipulation at the network level. Unlike traditional tools such as Burp Suite or OWASP ZAP that focus specifically on HTTP/HTTPS traffic, InterceptSuite provides **unprecedented visibility** into any TLS-encrypted protocol, operating seamlessly at the TCP/TLS layer.\n\n### 🎯 The Challenge We Solve\n\nThe original inspiration behind InterceptSuite was to address a critical gap in application penetration testing. Security professionals often struggle with limited options for intercepting network traffic from native applications, making it challenging to perform comprehensive packet or traffic analysis of thick clients and custom protocols.\n\n### 💡 Our Solution\n\nInterceptSuite bridges this gap by providing a **universal TLS interception engine** that works with any protocol, giving security researchers the tools they need to analyze, understand, and test encrypted communications effectively.\n\n### Platform Support\n\n| Component | Windows | Linux | macOS |\n|-----------|:-------:|:-----:|:-----:|\n| Core Library | ✅ | ✅ | ✅ |\n| GUI Interface | ✅ | ✅ | ✅ |\n\n## Table of Contents\n\n- [🌟 Overview](#-overview)\n- [✨ Features](#-features)\n- [🚀 Getting Started](#-getting-started)\n- [📖 Usage](#-usage)\n- [🔧 Proxy Configuration](#-proxy-configuration)\n- [⚠️ Current Limitations](#️-current-limitations)\n- [🤔 When to Use InterceptSuite vs. HTTP-Specific Tools](#-when-to-use-interceptsuite-vs-http-specific-tools)\n- [🖼️ Screenshots](#️-screenshots--interface)\n- [🛠️ Development](#️-development)\n- [📄 License](#-license)\n- [🙏 Acknowledgments](#-acknowledgments)\n\n## ✨ Features\n\n- **🌐 Protocol-Agnostic TLS Interception**: Intercept TLS/SSL traffic from any application or protocol\n- **🔌 SOCKS5 Proxy Integration**: Uses SOCKS5 proxy protocol for versatile connection handling\n- **⚡ Real-time Traffic Analysis**: View decrypted traffic as it flows through the proxy\n- **🎛️ Connection Management**: Track active connections and view their details\n- **🔐 Certificate Authority Management**: Automatic generation of CA certificates with platform-specific storage\n- **🔧 Traffic Manipulation**: Modify intercepted traffic before forwarding\n- **⚡ High-Performance C Core**: Optimized C engine for maximum speed and minimal memory footprint\n- **📚 Custom Integration**: Embed TLS interception capabilities into your own applications with our DyLib, So and DLL\n- **🎨 Modern GUI**: Built with Tauri + Rust frontend and high-performance C core\n- **📝 Detailed Logging**: Comprehensive logging with automatic rotation and cleanup\n\n## 🚀 Getting Started\n\n### Prerequisites\n\n- **Windows 10/11 (64-bit)**, **Linux (x64)**, or **macOS (Apple Silicon)**\n\n### Installation\n\n1. **Download** the platform-specific installer from the [Releases page](https://github.com/anof-cyber/InterceptSuite/releases)\n   - **Windows**: `.exe` installer or `.msi` package\n   - **Linux**: `.deb` (Ubuntu/Debian) or `.rpm` (RedHat/Fedora) package\n   - **macOS**: `.dmg` disk image\n2. **Run** the installer and follow the setup wizard\n3. **Launch** InterceptSuite from your applications menu or desktop shortcut\n\n\u003e **Note:** Platform-specific native installers are available for seamless installation on all supported operating systems.\n\n### ⚠️ Security Warning - Unsigned Binaries\n\n\u003e [!WARNING]\n\u003e **Code Signing Status**: Current releases contain unsigned binaries and installers. This may trigger security warnings during installation and execution.\n\n#### Platform-Specific Behavior:\n\n- **🐧 Linux**: No security issues expected. Unsigned binaries run normally.\n\n- **🪟 Windows**:\n  - Windows Defender SmartScreen may display warnings about \"unknown application\"\n  - You may see prompts like \"Windows protected your PC\"\n  - Click \"More info\" → \"Run anyway\" to proceed with installation\n  - Some antivirus software may flag unsigned executables as potentially unwanted\n\n- **🍎 macOS**:\n  - Gatekeeper will prevent execution of unsigned applications\n  - You may see \"cannot be opened because it is from an unidentified developer\" or \"Interceptsuite is damaged and can't be opened.\"\n  - **Recommended Solution**: Remove quarantine attributes: `xattr -dr com.apple.quarantine /Applications/interceptsuite.app`\n  - **Alternative Method 1**: Right-click the application → \"Open\" → Confirm in dialog\n  - **Alternative Method 2**: Temporarily disable Gatekeeper: `sudo spctl --master-disable`\n  - **Note**: After removing quarantine attributes, the app will launch normally from both command line and GUI\n\n\u003e [!NOTE]\n\u003e **Code Signing Costs \u0026 Open Source Reality**: Code signing certificates are paid services across all platforms - there are no free platforms available that support open source projects for binary signing. Apple, Microsoft, and other certificate authorities require paid certificates for code signing. Since InterceptSuite is an open source project, binaries remain unsigned without paid options.\n\u003e\n\n\u003e\n**💖 Support Code Signing**: If you'd like to help us obtain code signing certificates, you can support the project through:\n- **₿ Bitcoin**: `bc1qusxngf2w5gl2g8hw82ggct59227k4963f9fwhm`\n- **💎 GitHub Sponsor**: [https://github.com/sponsors/Anof-cyber](https://github.com/sponsors/Anof-cyber)\n- **☕ Buy Me a Coffee**: [https://www.buymeacoffee.com/AnoF](https://www.buymeacoffee.com/AnoF)\n## 📖 Usage\n\nFor comprehensive setup and usage instructions, see our detailed **[Usage Guide](Usage.md)**.\n\n### Quick Start\n\n1. **Launch** InterceptSuite application\n2. **Start** the proxy server (default: `127.0.0.1:4444`)\n3. **Install** the generated CA certificate as a trusted root\n4. **Configure** your client application to use the SOCKS5 proxy\n5. **Begin** intercepting and analyzing TLS traffic\n\n\u003e **Important:** InterceptSuite generates a unique CA certificate on first run that must be installed as a trusted root certificate authority for TLS interception to work.\n\n\n## GitAds Sponsored\n[![Sponsored by GitAds](https://gitads.dev/v1/ad-serve?source=anof-cyber/interceptsuite@github)](https://gitads.dev/v1/ad-track?source=anof-cyber/interceptsuite@github)\n\n\n\n## 🔧 Proxy Configuration\n\nConfigure your client application to use the SOCKS5 proxy at `127.0.0.1:4444`.\n\nFor detailed platform-specific configuration instructions, see the **[Usage Guide](Usage.md)**.\n\n### Platform Notes\n\n- **Windows**: Use Proxifier for system-wide SOCKS5 support\n- **Linux**: Multiple options including ProxyCap, tsocks, Proxychains, or iptables\n- **macOS**: Proxifier for Mac or Proxychains-ng for terminal applications\n\n## ⚠️ Current Limitations\n\nUnderstanding InterceptSuite's current limitations helps you choose the right tool for your specific use case.\n\n### 🚫 Non-Standard TLS Handshakes\n\n**Current Limitation:** InterceptSuite cannot bypass TLS for protocols that do not use standard TLS handshake as the initial packet after TCP handshake.\n\n#### 📋 Affected Protocols:\n\n- **🐘 PostgreSQL** - TLS sessions\n- **🐬 MySQL** - TLS sessions\n- **🔧 SmartTLS** - Similar technologies\n- **🔌 Custom Protocols** - Non-standard handshakes\n\n\u003e **🔜 Future Release:** This functionality is planned for future releases.\n\n### 📊 Protocol Dissection\n\n**Current Limitation:** The tool does not support protocol dissection, meaning it cannot decode protocol-specific binary formats or encodings regardless of whether TLS is used.\n\n#### 🔍 Examples of Non-Supported Formats:\n\n| Format Type | Examples | Description |\n|-------------|----------|-------------|\n| Binary Protocols | Protocol Buffers, MessagePack | Structured binary encodings |\n| Custom Encodings | Application-specific formats | Proprietary data structures |\n| Compressed Data | Obfuscated data streams | Compressed or encoded payloads |\n\n\u003e **💡 Important Note:** If a protocol doesn't transmit data in plain text (even after TLS decryption), InterceptSuite will show the raw bytes but not interpret them.\n\n\u003e **🔜 Future Release:** Protocol dissection functionality is planned for future releases.\n\n## 🤔 When to Use InterceptSuite vs. HTTP-Specific Tools\n\nChoose the right tool for your security testing needs with our comprehensive comparison guide.\n\n\u003e [!NOTE]\n\u003e **🎯 Key Recommendation:** While InterceptSuite can handle HTTP/HTTPS traffic, it is **strongly recommended** to use HTTP-specific tools like Burp Suite or OWASP ZAP for web traffic inspection. These tools provide specialized features optimized for HTTP-based protocols.\n\n### ✅ Use InterceptSuite when:\n\n- 🌐 Working with **non-HTTP TLS-encrypted protocols**\n- 🔍 Analyzing network traffic at the **TCP/TLS layer**\n- 🛠️ Debugging **custom TLS-encrypted protocols**\n- 📱 Testing **thick client applications**\n- 🎮 Analyzing **game or IoT protocols**\n- 🔧 Developing **protocol-specific security tools**\n\n### 🌐 Use Burp Suite or OWASP ZAP when:\n\n- 🌍 Working specifically with **HTTP/HTTPS traffic**\n- 🖥️ Testing **web applications**\n- 🔒 Performing **web security assessments**\n- 🔄 When HTTP-specific features are needed:\n  - Request repeating\n  - Vulnerability scanning\n  - Session management\n  - Authentication testing\n\n### 🎯 Decision Matrix\n\n| Scenario | InterceptSuite | Burp/ZAP | Reason |\n|:---------|:--------------:|:---------:|:--------|\n| 🌐 Web App Testing | ❌ | ✅ | HTTP-specific features needed |\n| 📱 Mobile App API | 🤔 | ✅ | Depends on protocol (HTTP vs custom) |s\n| 🔌 IoT Device Comms | ✅ | ❌ | Custom TLS protocols |\n| 🖥️ Desktop App Traffic | ✅ | 🤔 | Protocol-dependent |\n| 🔒 Database TLS | ⚠️ | ❌ | Limited support (future feature) |\n\n**Legend:** ✅ Recommended • 🤔 Depends • ⚠️ Limited • ❌ Not suitable\n\n\n## 🖼️ Screenshots \u0026 Interface\n\nExplore InterceptSuite's intuitive interface through our comprehensive screenshot gallery showcasing each major feature.\n\n### 🔍 Intercept Tab\n![Intercept Tab](Images/Intercept.png)\n\n*The Intercept tab allows you to view and modify network packets in real-time, providing granular control over TLS traffic flow.*\n\n### 📚 Proxy History Tab\n![Proxy History Tab](Images/Prxoy-History.png)\n\n*The Proxy History tab shows all messages that have passed through the SOCKS5 proxy with comprehensive logging and filtering capabilities.*\n\n### ⚙️ Settings Tab\n![Settings Tab](Images/Settings.png)\n\n*The Settings tab provides configuration options for the proxy server, logging, interception rules, and certificate management. Use the Export Certificate feature to save certificates in different formats.*\n\n### 🔗 Connections Tab\n![Connections Tab](Images/Connections.png)\n\n*The Connections tab displays TCP connection details and allows for exporting connection data with real-time monitoring of active sessions.*\n\n\n## 🛠️ Development\n\nJoin the InterceptSuite development community and contribute to the future of TLS traffic analysis tools.\n\n[![📖 Build Guide](https://img.shields.io/badge/📖%20Build%20Guide-28a745?style=for-the-badge\u0026logoColor=white)](Build.md)\n\n### 🌍 Cross-Platform Building\n\nInterceptSuite now supports building on **Windows**, **Linux**, and **macOS** with native library generation for each platform.\n\n#### 📦 Platform-Specific Library Outputs\n\n| Platform | Library Format | Build Tool | Status |\n|----------|----------------|------------|--------|\n| 🪟 Windows | `.dll` | Visual Studio / CMake | ✅ **Ready** |\n| 🐧 Linux | `.so` | GCC / CMake | ✅ **Ready** |\n| 🍎 macOS | `.dylib` | Clang / CMake | ✅ **Ready** |\n\n\u003e **🚀 Getting Started with Development:**\n\u003e\n\u003e For detailed instructions on building InterceptSuite for each platform, see the [**Build Guide**](Build.md). This guide includes platform-specific prerequisites, build commands, and troubleshooting tips.\n\n### 🤝 Contributing\n\n- **🐛 Bug Reports** - Found an issue? Report it on our GitHub Issues page with detailed reproduction steps.\n- **✨ Feature Requests** - Have an idea for improvement? We welcome feature requests and enhancement suggestions.\n- **🔧 Pull Requests** - Ready to contribute code? Check our contribution guidelines before submitting PRs.\n- **📚 Documentation** - Help improve our documentation, examples, and tutorials for better user experience.\n\n## 📄 License\n\nInterceptSuite is open source software, committed to transparency and community collaboration.\n\n![AGPL License](https://img.shields.io/badge/License-AGPL%20v3.0-blue?style=for-the-badge\u0026logo=gnu)\n\nThis project is licensed under the **GNU Affero General Public License v3.0 (AGPL-3.0)**\n\n[![📖 Read Full License](https://img.shields.io/badge/%F0%9F%93%96%20Read%20Full%20License-007bff?style=for-the-badge\u0026logoColor=white)](LICENSE)\n\n*The AGPL-3.0 license ensures that InterceptSuite remains free and open source, while requiring that any network-based services using this code also provide their source code to users.*\n\n---\n\n## 🙏 Acknowledgments\n\nSpecial thanks to the amazing open source communities and technologies that make InterceptSuite possible.\n\n### 🔐 OpenSSL\n![OpenSSL](https://img.shields.io/badge/OpenSSL-721412?style=for-the-badge\u0026logo=openssl\u0026logoColor=white)\n\nProviding robust TLS/SSL functionality and cryptographic operations\n\n### 🚀 Tauri + Rust + C\n![Tauri](https://img.shields.io/badge/Tauri-FFC131?style=for-the-badge\u0026logo=tauri\u0026logoColor=black)\n![Rust](https://img.shields.io/badge/Rust-000000?style=for-the-badge\u0026logo=rust\u0026logoColor=white)\n![C](https://img.shields.io/badge/C-00599C?style=for-the-badge\u0026logo=c\u0026logoColor=white)\n\nHigh-performance C core engine with modern Tauri + Rust GUI for optimal performance and user experience\n\n### 🔨 CMake\n![CMake](https://img.shields.io/badge/CMake-064F8C?style=for-the-badge\u0026logo=cmake\u0026logoColor=white)\n\nEnabling cross-platform build system management and compilation\n\n### 💖 Community Support\n\nInterceptSuite is built with love by the cybersecurity community, for the cybersecurity community. Thank you to all contributors, testers, and users who help make this project better every day!\n\n---\n\n![Made with Love](https://img.shields.io/badge/Made%20with%20❤️%20for%20the%20Security%20Community-FF69B4?style=for-the-badge)\n\n**🛡️ Secure by Design • 🌍 Cross-Platform • 🔓 Open Source**\n\n[![⭐ Star on GitHub](https://img.shields.io/badge/⭐%20Star%20on%20GitHub-333?style=for-the-badge\u0026logo=github)](https://github.com/anof-cyber/InterceptSuite)\n[![🐛 Report Issues](https://img.shields.io/badge/🐛%20Report%20Issues-red?style=for-the-badge\u0026logo=github)](https://github.com/anof-cyber/InterceptSuite/issues)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanof-cyber%2Finterceptsuite","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fanof-cyber%2Finterceptsuite","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanof-cyber%2Finterceptsuite/lists"}