Clojure seems to support HTTP with clojure.contrib.http.agent, but how can I read from HTTPS?
Clojure, after all, is hosted on the Java platform. Hopefully, this question can set you on the right path.
Related
Heyo everyone !
I'm trying to reverse ingeneer an API using Burp. The problem is that I can't see any of the requests made by the software using the said API while I can see the requests made from Spotify, Discord, etc... I set the proxy parametter of windows to localhost:8080 and burp to listen to *:8080
Do you have any idea on what could make that happen ? I've been exploring the web I have yet to see an answer to my problem...
If I can improve by any means this question, to hesitate to let me know !
It is called SSL Pining and it's a method to protect against Man-in-middle type of attacks. It's very effective !
You can learn more about it through these articles:
https://sslmagic.com/blog/introduction-to-ssl-pinning/
https://medium.com/#anuj.rai2489/ssl-pinning-254fa8ca2109
https://www.indusface.com/learning/what-is-ssl-pinning-a-quick-walk-through/
I'm not related to any of these articles by any means. I just find them useful to understand SSL Pining
I'm a newbie developer. I wanna know, Do i need grpc-web library even if the browser supports HTTP2 ?. If the answer is yes, please tell me why
Thanks in advance
According to this grpc.io blog post, as of 2019 browsers did not support fine-grained control of HTTP2 requests needed to implement direct gRPC connection from javascript.
For this reason a separate library and proxy, such as implemented by gRPC-Web, is needed.
Let's say I have a Kubernetes Job that makes https requests to changing URLs and I want to allow specific URLs only and block all other requests. My idea is deploy an Https-Proxy-Pod and use NetworkPolicies to make sure the Job-Pod can only communicate with the Https-Proxy-Pod. See following sketch for better understanding:
sketch of https-proxy sidecar deployment
I know how to do that but have no idea what Https Proxy to use. As far as I understood envoy is not a suitable solution for what I want to do: https://github.com/envoyproxy/envoy/issues/1606
Does anyone has a better solution or can tell me which proxy to use?
Mitmproxy is an open source tool that you can use to filter HTTP and HTTPS requests transparently using the Python scripting language.
There's also a quite detailed tutorial on how to use it
I'm searching for some examples on how to write a proxy in Ruby that supports HTTPS. I have a simple proxy implemented with Webricks HTTPProxyServer, but I noticed, that HTTPS traffic is just tunneling (as it should ;) ). But I want to record the content with VCR (regarding my question here VCRProxy: Record PhantomJS ajax calls with VCR inside Capybara) and as long the content is only tunnled through, VCR can't record it.
So I was thinking of writing the proxy as a man-in-the-middle, generate SSL certificates on the fly (I don't care about certificate errors, its just for testing), and then I would be able to record the content / playback it later.
So if somebody has a good ressource from how to start, or a tutorial or a gist, please let me know.
PS: I have already seen this questions, but they don't provide any further stuff (and it need to be in ruby):
Man in the Middle (MITM) proxy with HTTPS support
How do I write a simple HTTPS proxy server in Ruby?
Help with HTTP Intercepting Proxy in Ruby?
An old question, but for the sake of completeness here goes another answer.
I've implemented a HTTP/HTTPS interception proxy in Ruby, the project is hosted in github.
The project is new, so it's not (yet) as mature as Python's mitmproxy, but it supports HTTPS with certificates generation on-the-fly.
There's an excellent MITM proxy in Python aptly named mitmproxy. The netlib library by the author does the tricks and mitmproxy uses it.
The codebase isn't large and it shouldn't be hard to go through it given that you know Ruby.
I am looking for a library which does the job of a http/https proxy server so that I can use it in my code. I do not want to write a complete proxy server on my own (that would be very difficult for me). So I am looking for such libraries.
I am writing the code in C language under Linux.
Thanks in advance.
Check out this.
http://www.vorburger.ch/projects/proxy/
And this.
c http proxy library
And this question.
Open source HTTP or HTTPS proxy