{"id":21988075,"url":"https://github.com/nvisosecurity/ioxy","last_synced_at":"2026-02-28T19:01:13.974Z","repository":{"id":43470188,"uuid":"275111685","full_name":"NVISOsecurity/IOXY","owner":"NVISOsecurity","description":"MQTT intercepting proxy","archived":false,"fork":false,"pushed_at":"2023-08-20T13:46:28.000Z","size":4845,"stargazers_count":132,"open_issues_count":4,"forks_count":20,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-11-05T21:45:41.146Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NVISOsecurity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-26T08:44:55.000Z","updated_at":"2024-10-07T20:38:30.000Z","dependencies_parsed_at":"2024-06-18T22:35:49.838Z","dependency_job_id":"dbc3ce84-6c30-4887-ac72-1fa69a8b9452","html_url":"https://github.com/NVISOsecurity/IOXY","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NVISOsecurity%2FIOXY","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NVISOsecurity%2FIOXY/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NVISOsecurity%2FIOXY/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NVISOsecurity%2FIOXY/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NVISOsecurity","download_url":"https://codeload.github.com/NVISOsecurity/IOXY/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227196131,"owners_count":17746178,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-29T19:15:30.176Z","updated_at":"2026-02-28T19:01:13.874Z","avatar_url":"https://github.com/NVISOsecurity.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cimg src=\"resources/img/ioxy.png\" alt=\"Ioxy logo\" width=\"400\"\u003e\n\n# IOXY - MQTT intercepting proxy\n\n## What?\n\nIOXY (IoT + Proxy) is an MQTT intercepting proxy written in Golang. It supports MQTT, MQTTS and MQTT over WebSockets and has both a CLI and a GUI.\n\n## Why?\n\nWe frequently perform security assessment on IoT devices using MQTT to communicate with their backend. We wanted a tool that allows us to intercept, inspect and tamper with MQTT communications with the same ease as other intercepting proxies, like Burp and Zap, do for HTTP.\n\nThis is why we started working on IOXY. We put a lot of effort in this tool, and hope it will be useful to the community!\n\n## Quick start\n\n\u003e ⚠️ IMPORTANT NOTE ⚠️\n\u003e\n\u003e If you are using **Windows** to compile IOXY you might need to install TDM-GCC(http://tdm-gcc.tdragon.net/download)\n\nThe only prerequisite for using IOXY is a [working Golang environment](https://golang.org/doc/install). The steps below install Golang and build the IOXY binary, and have been tested on clean installation of Kali Linux (2022.03 x64):\n\n```bash\nsudo apt update \u0026\u0026 sudo apt install -y golang-go\ngit clone https://github.com/NVISOsecurity/IOXY.git\ncd IOXY/ioxy\nCGO_CFLAGS=\"-g -O2 -Wno-return-local-addr\" go build -ldflags=\"-s -w\" .\n./ioxy gui\n```\n\n\u003e ⚠️ NOTE ⚠️\n\u003e\n\u003e On some architectures, compiling with the default Golang compiler causes a \"panic: runtime error\" crash when attempting to run IOXY. In case that happens, uninstall golang-go and install the gccgo-go compiler (sudo apt --purge autoremove golang-go \u0026 sudo apt install gccgo-go), then repeat the \"go build\" step. This should fix the crash. See https://github.com/NVISOsecurity/IOXY/issues/11 .\n\nFinally, fire up the GUI and use the Settings screen to set up the intercepting server:\n\n    ./ioxy gui\n\n## CLI\n\n```\nUsage : ioxy ACOMMAND BCOMMAND [CCOMMAND] [DCOMMAND]\n\n[] = optional\n\nACommands:\n  mqtt\t  \tCreate a mqtt server (0.0.0.0:1883 by default)\n  mqtts\t  \tCreate a mqtts server (0.0.0.0:8883 by default)\n  http\t  \tCreate a http server (0.0.0.0:8080 by default)\n  https\t  \tCreate a https server\t(0.0.0.0:8081 by default)\n\nBCommands :\n  broker  \tUsed to set up the distant broker settings\n\nCCommands :\n  mitm-opt \tMitm options like intercept\n\nDCOMMAND :\n  gui\n\nRun 'ioxy COMMAND -h' for more information on a command.\n```\n\n## Examples\n\nCheck the examples below for a walkthrough on IOXY's features.\n\n### AWS\n\n- [AWS PubSub ALPN RolePlay](https://github.com/NVISO-BE/IOXY/tree/master/examples/aws/aws_pub_sub_case)\n\n## Features\n\nBelow you'll find a quick overview of the features provided by IOXY. Legend:\n\n✅ Implemented, tested \u003cbr\u003e\n❓ Implemented, not tested\n\n- Gui ✅\n\n\u003cp float=\"left\"\u003e\n        \u003cimg src=\"resources/img/app.PNG\" alt=\"app\" width=\"400\"\u003e\n        \u003cimg src=\"resources/img/settings.PNG\" alt=\"settings\" width=\"400\"\u003e\n        \u003cimg src=\"resources/img/log.PNG\" alt=\"logs\" width=\"400\"\u003e\n\u003c/p\u003e\n\n- Packet storing in SQLite Database ✅\n\n        Tables\n        ├── session_mgmt\n        │   ├── client_id\n        │   ├── session_id\n        │   ├── username\n        │   └── password\n        └── messages\n            ├── session_id\n            ├── topic\n            ├── payload\n            ├── dup_flag\n            ├── retain_flag\n            ├── qos_flag\n            └── timestamp\n\n- Live packet modification ✅\n\n\u003cimg src=\"resources/img/Intercept_example.gif\" alt=\"messages table\" width=\"500\"\u003e\n\n- Amazon ALPN support ✅\n\n## Supported Protocols\n\n- Client → Proxy\n\n  ✅ MQTT\u003cbr\u003e\n  ✅ MQTTS\u003cbr\u003e\n  ❓ HTTP (WebSocket)\u003cbr\u003e\n  ❓ HTTPS (Secure WebSocket)\n\n- Proxy → Broker\n\n  ✅ MQTT\u003cbr\u003e\n  ✅ MQTTS\u003cbr\u003e\n  ❓ HTTP (WebSocket)\u003cbr\u003e\n  ❓ HTTPS (Secure WebSocket)\n\n## Bugs and contributions\n\nFound a bug? Have an idea for a new feature? Please create an issue. We are monitoring the issue tracker and will follow up on any bug reports or new feature requests. More detailed information about code contributions to IOXY will be available soon.\n\n## Acknowledgments\n\nThis project was made possible thanks to [Innoviris](http://innoviris.be/) and [SCRATCh](https://scratch-itea3.eu/), an [ITEA3](https://itea3.org/) project.\n\n![Innoviris logo](resources/img/innoviris.png)\n![ITEA3 logo](resources/img/itea3.png)\n\nAxway's [\"mqtt-proxy\" repo](https://github.com/Axway-API-Management-Plus/mqtt-proxy) provided a solid base for this project.\nIOXY's GUI uses [\"Gorilla WebSocket\"](https://github.com/gorilla/websocket).\n\n## Authors\n\n- **Julian Dotreppe** (hutchYy) - _Initial work_\n- Cédric Bassem (cbassem) - Maintainer\n- Théo Rigas (windBlaze) - Maintainer\n\n## Useful resources and documentation\n\n#### Network Attacks GitHub\n\n- [Network Attacks Repository](https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Network_Attacks.md#mqtt)\n\n#### SANS\n\n- [SSL MITM](https://www.sans.org/reading-room/whitepapers/threats/ssl-man-in-the-middle-attacks-480)\n\n#### AWS\n\n- [AWS best practices](https://docs.aws.amazon.com/iot/latest/developerguide/security-best-practices.html)\n\n- [AWS CA + client mgmt](https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html#server-authentication-certs)\n\n- [ALPN](https://aws.amazon.com/fr/blogs/iot/mqtt-with-tls-client-authentication-on-port-443-why-it-is-useful-and-how-it-works/)\n\n- [Client cert generation](https://docs.aws.amazon.com/iot/latest/developerguide/create-device-certificate.html)\n\n- [Just-in-time registration](https://aws.amazon.com/fr/blogs/iot/just-in-time-registration-of-device-certificates-on-aws-iot/)\n\n- [IoT SDK](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sdks.html)\n\n#### MQTT[.]org\n\n- [MQTT $SYS Topics](https://github.com/mqtt/mqtt.github.io/wiki/SYS-Topics)\n\n#### MQTT-PWN\n\n- [\"mqtt-pwn\" Repository](https://github.com/akamai-threat-research/mqtt-pwn)\n\n#### Other\n\n- [MQTT Session establishement](https://www.hivemq.com/blog/mqtt-essentials-part-3-client-broker-connection-establishment/)\n- [Hacking The IoT](https://morphuslabs.com/hacking-the-iot-with-mqtt-8edaf0d07b9b)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnvisosecurity%2Fioxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnvisosecurity%2Fioxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnvisosecurity%2Fioxy/lists"}