Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/nccgroup/blackboxprotobuf

Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
https://github.com/nccgroup/blackboxprotobuf

burp protobuf

Last synced: 9 days ago
JSON representation

Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.

Host: GitHub
URL: https://github.com/nccgroup/blackboxprotobuf
Owner: nccgroup
License: mit
Created: 2018-05-15T00:07:03.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2024-08-28T15:21:09.000Z (2 months ago)
Last Synced: 2024-10-02T02:58:16.504Z (about 1 month ago)
Topics: burp, protobuf
Language: Python
Homepage:
Size: 653 KB
Stars: 514
Watchers: 18
Forks: 86
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

WebHackersWeapons - blackboxprotobuf

README

        # Blackbox Protobuf

**Blackbox Protobuf now has an official package on PyPi under the name `bbpb`.

The `blackboxprotobuf` package is an older fork**

## Description

Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers

(protobuf) without the matching protobuf definition.

Protobuf is a binary serialization format from Google which can be used as a

more efficient alternative to formats like JSON or XML. Developers can define

the message format in a `.proto` file and use the protobuf compiler to

generate message handlers in their language of choice. The protobuf encoding

is binary, and unlike json/xml not human readable or easy to modify by hand.

The format also takes advantage of both sides having the message definition and

strips out much of the type information. This is good for efficiency, but

increases the difficulty analyzing or modifying the network traffic.

Blackbox protobuf is designed to allow working with protocol buffers without

the message definition. It was originally implemented as a Burp extension for

decoding and modifying messages during mobile pentests, but has also been used

for reverse engineering and forensics tooling.

## Tools

This repository contains several interfaces for working with protocol buffers:

- A jython burp extension in [burp/](https://github.com/nccgroup/blackboxprotobuf/tree/master/burp)

- A python library that can be used in other applications in [lib/](https://github.com/nccgroup/blackboxprotobuf/tree/master/lib)

- A python-based CLI embedded in the [library](https://github.com/nccgroup/blackboxprotobuf/tree/master/lib/CLI.md)

- A mitmproxy addon in [mitmproxy](https://github.com/nccgroup/blackboxprotobuf/tree/master/mitmproxy)

## Future Tools

Some tooling that may be built on top of blackboxprotobuf in the future:

- protobuf type discovery tool