{"id":13582275,"url":"https://github.com/malfunkt/hyperfox","last_synced_at":"2025-12-17T20:47:45.974Z","repository":{"id":54261444,"uuid":"6544402","full_name":"malfunkt/hyperfox","owner":"malfunkt","description":"HTTP/HTTPS MITM proxy and recorder. ","archived":false,"fork":false,"pushed_at":"2023-10-17T13:22:14.000Z","size":2133,"stargazers_count":1615,"open_issues_count":17,"forks_count":182,"subscribers_count":62,"default_branch":"master","last_synced_at":"2025-04-01T05:37:58.365Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://hyperfox.org","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/malfunkt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2012-11-05T13:04:12.000Z","updated_at":"2025-03-23T08:32:06.000Z","dependencies_parsed_at":"2024-01-07T23:15:11.459Z","dependency_job_id":null,"html_url":"https://github.com/malfunkt/hyperfox","commit_stats":{"total_commits":114,"total_committers":6,"mean_commits":19.0,"dds":0.5614035087719298,"last_synced_commit":"1a8c26fb22ba4e6992eb9fb91e7d6a5c025bfe13"},"previous_names":["xiam/hyperfox"],"tags_count":12,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malfunkt%2Fhyperfox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malfunkt%2Fhyperfox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malfunkt%2Fhyperfox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/malfunkt%2Fhyperfox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/malfunkt","download_url":"https://codeload.github.com/malfunkt/hyperfox/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247801175,"owners_count":20998339,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T15:02:33.641Z","updated_at":"2025-12-17T20:47:40.937Z","avatar_url":"https://github.com/malfunkt.png","language":"Go","funding_links":[],"categories":["Go","Go (531)","\u003ca id=\"42f9e068b6511bcbb47d6b2b273097da\"\u003e\u003c/a\u003e未分类","Tools"],"sub_categories":["\u003ca id=\"3bd67ee9f322e2c85854991c85ed6da0\"\u003e\u003c/a\u003e投毒\u0026\u0026Poisoning","Go"],"readme":"# Hyperfox\n\n[![Build Status](https://travis-ci.org/malfunkt/hyperfox.svg?branch=master)](https://travis-ci.org/malfunkt/hyperfox)\n\n[Hyperfox][1] is a security auditing tool that proxies and records HTTP and\nHTTPS traffic between two points.\n\n## Installation\n\nYou can install the latest version of hyperfox to `/usr/local/bin` with the\nfollowing command (requires admin privileges):\n\n```sh\ncurl -sL 'https://raw.githubusercontent.com/malfunkt/hyperfox/master/install.sh' | sh\n```\n\nIf you'd rather not accept free candy from this van you can also grab a release\nfrom our [releases page](https://github.com/malfunkt/hyperfox/releases) and\ninstall it manually.\n\n### Building `hyperfox` from source\n\nIn order to build `hyperfox` from source you'll need Go and a C compiler:\n\nUse `go install` to build and install `hyperfox`:\n\n```\ngo install github.com/malfunkt/hyperfox\n```\n\n## How does it work?\n\nHyperfox creates a transparent HTTP proxy server and binds it to port 1080/TCP\non localhost (`-addr 127.0.0.1 -http 1080`). The proxy server reads plaintext\nHTTP requests and redirects them to the target destination (the `Host` header\nis used to identify the destination), when the target destination replies,\nHyperfox intercepts the response and forwards it to the original client.\n\nAll HTTP communications between origin and destination are intercepted by\nHyperfox and recorded on a SQLite database that is created automatically.\nEverytime Hyperfox starts, a new database is created (e.g.:\n`hyperfox-00123.db`). You can change this behaviour by explicitly providing a\ndatabase name (e.g.: `-db traffic-log.db`).\n\n### Usage\n\nLaunch Hyperfox with default configuration:\n\n```\nhyperfox\n```\n\nuse `cURL` to request any HTTP page, the `-x` parameter tells cURL to use\nhyperfox as proxy:\n\n```\ncurl -x http://127.0.0.1:1080 example.com\n```\n\nyou should be able to see a log for the page you requested in Hyperfox's output:\n\n```\n...\n127.0.0.1:44254 - - [11/Apr/2020:19:19:48 -0500] \"GET http://example.com/ HTTP/1.1\" 200 -1\n```\n\n### User interface (`-ui`)\n\n![hyperfox-ui](https://user-images.githubusercontent.com/385670/79090465-6e7eb300-7d0f-11ea-8fc6-df1e6da8a12e.png)\n\nUse the `-ui` parameter to enable Hyperfox UI wich will open in a new browser\nwindow:\n\n```\nhyperfox -db records.db -ui\n```\n\nThe above command creates a web server that binds to `127.0.0.1:1984`. If you'd\nlike to change the bind address or port use the `-ui-addr` switch:\n\n```\nhyperfox -db records.db -ui -ui-addr 127.0.0.1:3000\n```\n\nChanging the UI server address is specially useful when Hyperfox is running on\na remote or headless host and you'd like to see the UI from another host.\n\nEnabling the UI also enables a minimal REST API (at `127.0.0.1:4891`) that is\nconsumed by the front-end application.\n\nPlease note that Hyperfox's REST API is only protected by a randomly generated\nkey that changes everytime Hyperfox starts, depending on your use case this\nmight not be adecuate.\n\n#### Run Hyperfox UI on your mobile device\n\nWhen the `-ui-addr`parameter is different from `127.0.0.1` Hyperfox will\noutput a QR code to make it easier to connect from mobile devices:\n\n```\nhyperfox -db records.db -ui -ui-addr 192.168.1.23:1984\n```\n\n### SSL/TLS mode (`-ca-cert` \u0026 `-ca-key`)\n\nSSL/TLS connections are secure end to end and protected from eavesdropping.\nHyperfox won't be able to see anything happening between a client and a secure\ndestination. This is only valid as long as the chain of trust remains\nuntouched.\n\nLet's suppose that the client trusts a root CA certificate that is known by\nHyperfox, if that happens Hyperfox will be able to issue certificates that are\ngoing to be trusted by the client.\n\nExamples of such bogus root CA files be found here:\n\n* [Hyperfox CA cert](https://raw.githubusercontent.com/malfunkt/hyperfox/master/ca/rootCA.crt)\n* [Hyperfox CA key](https://raw.githubusercontent.com/malfunkt/hyperfox/master/ca/rootCA.key)\n\nyou can also [generate your own root CA certificate and\nkey](https://www.ibm.com/support/knowledgecenter/SSZQDR/com.ibm.rba.doc/LD_rootkeyandcert.html).\n\nThere are a [number of ways to install root CA\ncertificates](https://www.bounca.org/tutorials/install_root_certificate.html),\ndepending on your operating system.\n\nThis QR code might come in handy when installing Hyperfox's root CA on a mobile\ndevice:\n\n![Hyperfox root CA certificate](https://chart.googleapis.com/chart?cht=qr\u0026choe=UTF-8\u0026chs=220x220\u0026chl=https://static.hyperfox.org/rootCA.crt)\n\nUse the `-ca-cert` and `-ca-key` flags to provide Hyperfox with the root CA\ncertificate and key you'd like to use:\n\n```\nhyperfox -ca-cert rootCA.crt -ca-key rootCA.key\n```\n\nthe above command creates a special server and binds it to `127.0.0.1:10443`,\nthis server waits for a SSL/TLS connection to arrive. When a new SSL/TLS\nconnection hits in, Hyperfox uses the\n[SNI](https://en.wikipedia.org/wiki/Server_Name_Indication) extension to\nidentify the destination nameserver and to create a SSL/TLS certificate for it,\nthis certificate is signed with the providede root CA key.\n\n#### TLS interception example\n\nLaunch Hyperfox with appropriate TLS parameters and `-http 443` (port 443\nrequires admin privileges).\n\n```\nsudo hyperfox -ca-cert ./ca/rootCA.crt -ca-key ./ca/rootCA.key -https 443\n```\n\nUse cURL to build a HTTPs request to example.com: the `-resolve` option tells\ncURL to skip DNS verification and use `127.0.0.1` as if it were the legitimate\naddress for `example.com`, while the `-k` parameter tells cURL to accept any\nTLS certificate.\n\n```\ncurl -k -resolve example.com:443:127.0.0.1 https://example.com\n```\n\nyou should be able to see a log for the page you requested in Hyperfox's output:\n\n```\n127.0.0.1:36398 - - [11/Apr/2020:19:36:56 -0500] \"GET https://example.com/ HTTP/2.0\" 200 -1\n```\n\n## Usage examples\n\n### Via `/etc/hosts` on localhost\n\nAdd the host you'd like to inspect to your `/etc/hosts` file:\n\n```\nexample.com 127.0.0.1\n```\n\nRun Hyperfox with the options you'd like, just remember that you should use\nports 80 for HTTP and 443 for HTTPS, and that requires admin privileges. In\naddition to `-http` and `-https` use the `-dns` parameter with a valid DNS\nresolver:\n\n```\nsudo hyperfox -ui -http 80 -dns 8.8.8.8\n```\n\nthat will make Hyperfox skip the OS DNS resolver and use an alternative one\n(remember that example.com points to 127.0.1).\n\nNow use cURL and try to go to the destination:\n\n```\ncurl http://example.com\n```\n\nHyperfox will capture the request and print it to its output:\n\n```\n127.0.0.1:41766 - - [11/Apr/2020:19:43:30 -0500] \"GET http://example.com/ HTTP/1.1\" 200 -1\n```\n\n### Via ARP Spoofing on a LAN\n\nSee [MITM attack with Hyperfox and arpfox](https://xiam.dev/mitm-attack-with-hyperfox-and-arpfox/).\n\n## Hacking\n\nChoose an [issue][2], fix it and send a pull request.\n\n## License\n\n\u003e Copyright (c) 2012-today José Nieto, https://xiam.io\n\u003e\n\u003e Permission is hereby granted, free of charge, to any person obtaining\n\u003e a copy of this software and associated documentation files (the\n\u003e \"Software\"), to deal in the Software without restriction, including\n\u003e without limitation the rights to use, copy, modify, merge, publish,\n\u003e distribute, sublicense, and/or sell copies of the Software, and to\n\u003e permit persons to whom the Software is furnished to do so, subject to\n\u003e the following conditions:\n\u003e\n\u003e The above copyright notice and this permission notice shall be\n\u003e included in all copies or substantial portions of the Software.\n\u003e\n\u003e THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND,\n\u003e EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\n\u003e MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND\n\u003e NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE\n\u003e LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION\n\u003e OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION\n\u003e WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n\n[1]: https://hyperfox.org\n[2]: https://github.com/malfunkt/hyperfox/issues\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmalfunkt%2Fhyperfox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmalfunkt%2Fhyperfox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmalfunkt%2Fhyperfox/lists"}