Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/nccgroup/blackboxprotobuf
Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
https://github.com/nccgroup/blackboxprotobuf
burp protobuf
Last synced: 3 days ago
JSON representation
Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
- Host: GitHub
- URL: https://github.com/nccgroup/blackboxprotobuf
- Owner: nccgroup
- License: mit
- Created: 2018-05-15T00:07:03.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2024-11-27T04:51:52.000Z (15 days ago)
- Last Synced: 2024-12-02T02:00:12.605Z (10 days ago)
- Topics: burp, protobuf
- Language: Python
- Homepage:
- Size: 656 KB
- Stars: 535
- Watchers: 18
- Forks: 90
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- WebHackersWeapons - blackboxprotobuf
README
# Blackbox Protobuf
**Blackbox Protobuf now has an official package on PyPi under the name `bbpb`.
The `blackboxprotobuf` package is an older fork**## Description
Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers
(protobuf) without the matching protobuf definition.Protobuf is a binary serialization format from Google which can be used as a
more efficient alternative to formats like JSON or XML. Developers can define
the message format in a `.proto` file and use the protobuf compiler to
generate message handlers in their language of choice. The protobuf encoding
is binary, and unlike json/xml not human readable or easy to modify by hand.
The format also takes advantage of both sides having the message definition and
strips out much of the type information. This is good for efficiency, but
increases the difficulty analyzing or modifying the network traffic.Blackbox protobuf is designed to allow working with protocol buffers without
the message definition. It was originally implemented as a Burp extension for
decoding and modifying messages during mobile pentests, but has also been used
for reverse engineering and forensics tooling.## Tools
This repository contains several interfaces for working with protocol buffers:
- A jython burp extension in [burp/](https://github.com/nccgroup/blackboxprotobuf/tree/master/burp)
- A python library that can be used in other applications in [lib/](https://github.com/nccgroup/blackboxprotobuf/tree/master/lib)
- A python-based CLI embedded in the [library](https://github.com/nccgroup/blackboxprotobuf/tree/master/lib/CLI.md)
- A mitmproxy addon in [mitmproxy](https://github.com/nccgroup/blackboxprotobuf/tree/master/mitmproxy)## Future Tools
Some tooling that may be built on top of blackboxprotobuf in the future:
- protobuf type discovery tool