{"id":13509943,"url":"https://github.com/drk1wi/Modlishka","last_synced_at":"2025-03-30T15:30:26.156Z","repository":{"id":38326051,"uuid":"162460220","full_name":"drk1wi/Modlishka","owner":"drk1wi","description":"Modlishka. Reverse Proxy.  ","archived":false,"fork":false,"pushed_at":"2024-04-19T12:23:00.000Z","size":5103,"stargazers_count":4669,"open_issues_count":126,"forks_count":866,"subscribers_count":136,"default_branch":"master","last_synced_at":"2024-04-19T13:40:22.234Z","etag":null,"topics":["mitm","penetration-testing-tools","phishing","reverse-proxy","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/drk1wi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-12-19T15:59:54.000Z","updated_at":"2024-04-19T13:40:25.582Z","dependencies_parsed_at":"2023-01-28T16:00:20.378Z","dependency_job_id":"f18e0a8a-364d-44f8-8a78-835a3a9cb42f","html_url":"https://github.com/drk1wi/Modlishka","commit_stats":{"total_commits":102,"total_committers":14,"mean_commits":7.285714285714286,"dds":0.303921568627451,"last_synced_commit":"e46dcfd4e544146057c3a5666ea5ca247bc3d979"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drk1wi%2FModlishka","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drk1wi%2FModlishka/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drk1wi%2FModlishka/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/drk1wi%2FModlishka/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/drk1wi","download_url":"https://codeload.github.com/drk1wi/Modlishka/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246338560,"owners_count":20761402,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["mitm","penetration-testing-tools","phishing","reverse-proxy","security-tools"],"created_at":"2024-08-01T02:01:18.106Z","updated_at":"2025-03-30T15:30:21.781Z","avatar_url":"https://github.com/drk1wi.png","language":"Go","funding_links":[],"categories":["Tools","Go","Go (531)","Social Engineering","security-tools","Phishing","Social Engineering Tools"],"sub_categories":["Hunter","Social Engineering Tools","Penetration Testing Report Templates","Steganography"],"readme":"# ..Modlishka..\n\nModlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows it to transparently proxy multi-domain destination traffic, both TLS and non-TLS, over a single domain, without a requirement of installing any additional certificate on the client. What exactly does this mean? In short, it simply has a lot of potential, that can be used in many use case scenarios...\n\nFrom the security perspective, Modlishka can be currently used to:\n-\tSupport ethical phishing penetration tests with a transparent and automated reverse proxy component that has a universal 2FA “bypass” support.\n-  Wrap legacy websites with TLS layer, confuse crawler bots and automated scanners, etc.\n\n\nModlishka was written as an attempt to overcome standard reverse proxy limitations and as a personal challenge to see what is possible with sufficient motivation and a bit of extra research time. \nThe achieved results appeared to be very interesting and the tool was initially released and later updated with an aim to:\n- Highlight currently used two factor authentication ([2FA](https://blog.duszynski.eu/phishing-ng-bypassing-2fa-with-modlishka/)) scheme weaknesses, so adequate security solutions can be created and implemented by the industry.\n- Support other projects that could benefit from a universal and transparent reverse proxy.\n- Raise community awareness about modern phishing techniques and strategies and support penetration testers in their daily work.\n\n\nModlishka was primarily written for security related tasks. Nevertheless, it can be helpful in other, non-security related, usage scenarios.\n\nFeatures\n--------\n\nKey features of Modlishka include:\n\n**General:**\n-   Point-and-click HTTP and HTTPS reverse proxying of an arbitrary domain/s.\n-   Full control of \"cross\" origin TLS traffic flow from your users browsers (without a requirement of installing any additional certificate on the client).\n-   Easy and fast configuration through command line options and JSON configuration files.\n-   Pattern based JavaScript payload injection.\n-   Wrapping websites with an extra \"security\": TLS wrapping, authentication, relevant security headers, etc. \n-   Stripping websites of all encryption and security headers (back to 90's MITM style). \n-   Stateless design. Can be scaled up easily to handle an arbitrary amount of traffic  - e.g. through a DNS load balancer.\n-   Can be extended easily with your ideas through modular plugins.\n-   Automatic test TLS certificate generation plugin for the proxy domain (requires a self-signed CA certificate)\n-   Written in Go, so it works basically on all platforms and architectures: Windows, OSX, Linux, BSD supported...\n\n**Security related:**\n-  Support for majority of 2FA authentication schemes (out of the box).\n-   Practical implementation of the \"[Client Domain Hooking](https://blog.duszynski.eu/client-domain-hooking-in-practice/)\" attack. Supported with a diagnostic plugin.\n-  User credential harvesting (with context based on URL parameter passed identifiers).\n-  Web panel plugin with a summary of automatically collected credentials and one-click user session impersonation module (proof-of-concept/beta).\n-  No website templates (just point Modlishka to the target domain - in most cases, it will be handled automatically without any additional manual configuration).\n\n\nProxying In Action (2FA bypass)\n------\n_\"A picture is worth a thousand words\":_\n\nModlishka in action against an example two factor authentication scheme (SMS based bypass proof-of-concept)  :\n\n[https://vimeo.com/308709275](https://vimeo.com/308709275)\n\nInstallation\n------------\n\nLatest source code version can be fetched from [here](https://github.com/drk1wi/modlishka/zipball/master) (zip) or [here](https://github.com/drk1wi/modlishka/tarball/master) (tar).\n\n\n\nFetch the code with _'go install'_ :\n\n    $ go install github.com/drk1wi/Modlishka@latest\n\nCompile manually:\n\n    $ git clone https://github.com/drk1wi/Modlishka.git\n    $ cd Modlishka\n    $ make\n    \n------\n\n![alt text](https://github.com/drk1wi/assets/raw/master/0876a672f771046e833f2242f6be5d3cf01519efdbb9dad0e1ed2d33e33fecbc.png)\n\n    # ./dist/proxy -h\n  \n    \n    Usage of ./dist/proxy:\n          \n      -cert string\n        \tbase64 encoded TLS certificate\n      \n      -certKey string\n        \tbase64 encoded TLS certificate key\n      \n      -certPool string\n        \tbase64 encoded Certification Authority certificate\n      \n      -config string\n        \tJSON configuration file. Convenient instead of using command line switches.\n          \n      -controlCreds string\n          Username and password to protect the credentials page.  user:pass format\n          \n      -controlURL string\n          URL to view captured credentials and settings. (default \"SayHello2Modlishka\")\n          \n      -credParams string\n          \tCredential regexp with matching groups. e.g. : base64(username_regex),base64(password_regex)\n\n      -debug\n        \tPrint debug information\n      \n      -disableSecurity\n        \tDisable proxy security features like anti-SSRF. 'Here be dragons' - disable at your own risk.\n      \n      -dynamicMode\n          \tEnable dynamic mode for 'Client Domain Hooking'\n      \n      -forceHTTP\n         \tStrip all TLS from the traffic and proxy through HTTP only\n    \n      -forceHTTPS\n         \tStrip all clear-text from the traffic and proxy through HTTPS only\n     \n      -jsRules string\n        \tComma separated list of URL patterns and JS base64 encoded payloads that will be injected - e.g.: target.tld:base64(alert(1)),..,etc\n      \n      -listeningAddress string\n        \tListening address - e.g.: 0.0.0.0  (default \"127.0.0.1\")\n      \n      -log string\n        \tLocal file to which fetched requests will be written (appended)\n      \n      -plugins string\n        \tComma seperated list of enabled plugin names (default \"all\")\n      \n      -proxyAddress string\n    \t    Proxy that should be used (socks/https/http) - e.g.: http://127.0.0.1:8080 \n         \n      -proxyDomain string\n        \tProxy domain name that will be used - e.g.: proxy.tld\n      \n      -postOnly\n        \tLog only HTTP POST requests\n      \n      -rules string\n          \tComma separated list of 'string' patterns and their replacements - e.g.: base64(new):base64(old),base64(newer):base64(older)\n\n      -target string\n        \tTarget domain name  - e.g.: target.tld\n         \n      -targetRes string\n        \tComma separated list of domains that were not translated automatically. Use this to force domain translation - e.g.: static.target.tld \n      \n      -terminateTriggers string\n        \tSession termination: Comma separated list of URLs from target's origin which will trigger session termination\n        \t\t\n      -terminateUrl string\n        \tURL to which a client will be redirected after Session Termination rules trigger\n      \n      -trackingCookie string\n        \tName of the HTTP cookie used to track the client (default \"id\")\n      \n      -trackingParam string\n        \tName of the HTTP parameter used to track the client (default \"id\")\n\n\nCommercial Usage\n-------\nModlishka is licensed under [this License](https://raw.githubusercontent.com/drk1wi/Modlishka/master/LICENSE). \n\nFor commercial, legitimate applications, please contact the author for the appropriate licensing arrangements.\n\nCredits \n-------\nAuthor: Modlishka was designed and implemented by Piotr Duszyński ([@drk1wi](https://twitter.com/drk1wi)). All rights reserved.\n\nSee the list of [contributors](https://github.com/drk1wi/Modlishka/graphs/contributors) who participated in this project.\n\n* sentence copied directly from another project .\n\nDisclaimer\n----------\nThis tool is made only for educational purposes and can be used in legitimate penetration tests or research only. Author does not take any responsibility for any actions taken by its users.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdrk1wi%2FModlishka","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdrk1wi%2FModlishka","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdrk1wi%2FModlishka/lists"}