{"id":24537643,"url":"https://github.com/mdsecactivebreach/Chameleon","last_synced_at":"2025-10-03T12:30:59.133Z","repository":{"id":41497694,"uuid":"96205596","full_name":"mdsecactivebreach/Chameleon","owner":"mdsecactivebreach","description":"Chameleon: A tool for evading Proxy categorisation","archived":false,"fork":false,"pushed_at":"2024-11-28T16:40:36.000Z","size":174,"stargazers_count":472,"open_issues_count":7,"forks_count":72,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-01-21T06:04:14.938Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mdsecactivebreach.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-07-04T10:21:08.000Z","updated_at":"2025-01-17T03:18:09.000Z","dependencies_parsed_at":"2025-01-07T04:31:26.290Z","dependency_job_id":"517c5066-c807-4acd-8223-44b85266f6e7","html_url":"https://github.com/mdsecactivebreach/Chameleon","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdsecactivebreach%2FChameleon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdsecactivebreach%2FChameleon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdsecactivebreach%2FChameleon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mdsecactivebreach%2FChameleon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mdsecactivebreach","download_url":"https://codeload.github.com/mdsecactivebreach/Chameleon/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235126768,"owners_count":18939975,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-22T14:13:25.305Z","updated_at":"2025-10-03T12:30:58.764Z","avatar_url":"https://github.com/mdsecactivebreach.png","language":"Python","readme":"```\n                     _.....---..._\n      _..-'-.   _.--'             '--.._\n  _.-' (  0) Y''                        ''-.._\n (---.._,                                     '-._\n  `---.,___.-\\  \\----......./  /..------...____   '-.\n     _/  /  _/  /         __\\  \\   __\\  \\      `-.   \\\n    (((-'  (((-'         (((---'  (((---`         )  /\n                                               .-'.-'\n    Chameleon: @domchell, MDSec ActiveBreach  (__`-,\n                                                 ``\n```\n# Description\n\nChameleon is a tool which assists red teams in categorising their infrastructure under arbitrary categories. \nCurrently, the tool supports arbitrary categorisation for Bluecoat, McAfee Trustedsource and IBM X-Force. \nHowever, the tool is designed in such a way that additional proxies can be added with ease.\n\n# Usage\n\n```\nusage: chameleon.py [-h] [--proxy \u003cproxy\u003e] [--check] [--submit]\n                    [--domain \u003cdomain\u003e]\n\noptional arguments:\n  -h, --help         show this help message and exit\n  --proxy \u003cproxy\u003e    Proxy type: a = all, b = bluecoat, m = mcafee, i = IBM\n                     Xforce\n  --check            Perform check on current category\n  --submit           Submit new category\n  --domain \u003cdomain\u003e  Domain to validate\n```\n\nExample 1: Checking the category of your website against all supported proxies:\n\n```\n$ python chameleon.py --proxy a --check --domain google.com\n\n                     _.....---..._\n      _..-'-.   _.--'             '--.._\n  _.-' (  0) Y''                        ''-.._\n (---.._,                                     '-._\n  `---.,___.-\\  \\----......./  /..------...____   '-.\n     _/  /  _/  /         __\\  \\   __\\  \\      `-.   \\\n    (((-'  (((-'         (((---'  (((---`         )  /\n                                               .-'.-'\n    Chameleon: @domchell, MDSec ActiveBreach  (__`-,\n                                                 ``\n\n[-] Targeting Bluecoat WebPulse\n[-] Checking category for google.com\n[-] Your site is categorised as: Search Engines/Portals\n[-] Targeting McAfee Trustedsource\n[-] Getting anti-automation tokens\n[-] Checking category for google.com\n[-] Found category: - Search Engines\n[-] Targeting IBM Xforce\n[-] IBM xForce Check: google.com\n[-] Domain categorised as Search Engines / Web Catalogues / Portals\n```\n\nExample 2: Submitting your domain for the financial category for McAfee proxy only:\n\n```\n$ python chameleon.py --proxy m --submit --domain foobar.com\n\n                     _.....---..._\n      _..-'-.   _.--'             '--.._\n  _.-' (  0) Y''                        ''-.._\n (---.._,                                     '-._\n  `---.,___.-\\  \\----......./  /..------...____   '-.\n     _/  /  _/  /         __\\  \\   __\\  \\      `-.   \\\n    (((-'  (((-'         (((---'  (((---`         )  /\n                                               .-'.-'\n    Chameleon: @domchell, MDSec ActiveBreach  (__`-,\n                                                 ``\n\n[-] Targeting McAfee Trustedsource\n[-] Getting anti-automation tokens\n[-] Checking category for foobar.com\n[-] Found category: - Personal Pages\n[-] Submitting URL for finance category\n[-] URL submitted, please wait up to 6 hours for categorisation\n```\n\n**Caution**: when attempting to categorise a site in Bluecoat, do not check the category first otherwise it will end up uncategorised! Individual hosts can however be categorised differently.\n\n# Credits\n\nChameleon was developed by [Dominic Chell](https://twitter.com/domchell) of the [MDSec ActiveBreach](https://www.mdsec.co.uk/services/red-teaming/) team.\n\nCategorisation checks for Bluecoat and IBM X-Force were reused based on code originally developed in [DomainHunter](https://github.com/minisllc/domainhunter) and [CatMyFish](https://github.com/Mr-Un1k0d3r/CatMyFish).\n","funding_links":[],"categories":["Further Resources","Exfiltration"],"sub_categories":["Purple Team"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmdsecactivebreach%2FChameleon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmdsecactivebreach%2FChameleon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmdsecactivebreach%2FChameleon/lists"}