{"id":19544874,"url":"https://github.com/ariary/poc-website-masquerading","last_synced_at":"2026-06-13T08:31:26.398Z","repository":{"id":109493272,"uuid":"447682561","full_name":"ariary/PoC-Website-Masquerading","owner":"ariary","description":"PoC on how to impersonnate/masquerade a website locally 🎭","archived":false,"fork":false,"pushed_at":"2022-01-21T08:17:42.000Z","size":526,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-26T05:42:23.870Z","etag":null,"topics":["certificates","hacking","man-in-the-middle","masquerade","mitm","poc"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ariary.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-01-13T17:02:58.000Z","updated_at":"2022-02-25T02:38:35.000Z","dependencies_parsed_at":"2023-07-14T22:16:09.660Z","dependency_job_id":null,"html_url":"https://github.com/ariary/PoC-Website-Masquerading","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ariary/PoC-Website-Masquerading","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2FPoC-Website-Masquerading","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2FPoC-Website-Masquerading/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2FPoC-Website-Masquerading/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2FPoC-Website-Masquerading/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ariary","download_url":"https://codeload.github.com/ariary/PoC-Website-Masquerading/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2FPoC-Website-Masquerading/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34278153,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-13T02:00:06.617Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificates","hacking","man-in-the-middle","masquerade","mitm","poc"],"created_at":"2024-11-11T03:32:49.081Z","updated_at":"2026-06-13T08:31:26.377Z","avatar_url":"https://github.com/ariary.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=center\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eAnother good reason to be careful when running script from untrusted source with sudo, or to not give to all users root capabilities\u003c/code\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003c/div\u003e\n\n|DEMO  🎭 |\n|:---:| \n|![demo](https://github.com/ariary/PoC-Website-Masquerading/blob/main/poc.gif)|\n\n## PoC\n\nThis a simple PoC on how to impersonnate a website locally. \n\nAfter that you can imagine multiple scenarios. For example stealing credentials, by making the local server (which impersonates the target website) having the same frontend as the target but interacting with a remote server to exfiltrate the credentials. \n\nIt highlights the importance to monitor the capabilities given to scripts/users etc as this snipset could be integrated in any malicious script or by any user having root privileges. (Don't do this, of course)\n\n### How it works\n\n\u003cstrong\u003e~\u003e Launch `poc-impersonate` \u003c/strong\u003e\n\n1. Modify `/etc/host` to route the target domain to localhost. **Note**:the content of `/etc/hosts` is used before making DNS resolution at each request so it is priority. \u003csup\u003eneed sudo\u003c/sup\u003e\n2. Make locally trusted certificates, it is important to avoid the \"warning\" page of the browser. Certs could be installed in the trusted store of the whole system, in this PoC it is only installed for the user launching the script.\n3. Launch a local server on port `443`. \u003csup\u003eneed sudo\u003c/sup\u003e\n\n\u003cstrong\u003e~\u003e Visit the target website (here `https://www.github.com`) \u003c/strong\u003e\n\nSee that you aren't were you wanted to. (You reach the local server) \n\n\u003cstrong\u003e~\u003e Clear your tracks with `clean`\u003c/strong\u003e\n\nIt stops local server, withdraws certs in trust store, and puts `/etc/hosts` as it was before the PoC\n\n\n### Notes\n\n* 2 command needs sudo (modifying /etc/host \u0026 launch https server on 443)\n* To ease cert regisstration in trust store the PoC use [`mkcert`](https://github.com/FiloSottile/mkcert) but it could be done manually w/ `openssl` \n    * Hence the \"certutil\" is a prerequisite to make the PoC works for Chrome or Firefox\n* Need Browser restart to make it works\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fariary%2Fpoc-website-masquerading","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fariary%2Fpoc-website-masquerading","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fariary%2Fpoc-website-masquerading/lists"}