work in progress
skunk 🦨 is a person-in-the-middle proxy, mainly focussed on HTTP(S), but also open for other protocols.
It's useful for API reverse engineering among other things.
The developers of this tool hereby state that its intended purpose is to inspect your own network traffic, or of people that have agreed to its usage. Using this tool by intercepting, monitoring, or manipulating another person's traffic without their explicit consent is illegal in many juristictions, and the developers prohibit anyone from using this tool under such circumstances.
In order for skunk to decrypt TLS traffic, you have to install a certificate as trusted root certificate on the device you're intercepting.
To generate the root certificate, run cargo run --bin skunk -- generate-cert. skunk will output the location of the certificate (if you have logging set to INFO).
To build the UI, you'll need trunk and stylance. Then run trunk build (optionally with --watch flag) in the skunk-ui directory.
You do not need to use trunk serve, as skunk-cli serves the UI itself (with auto-reload support).
To run the proxy, run cargo run --bin skunk -- proxy --socks --api.
# Set global logging level to WARN, and for skunk crates to DEBUG.
RUST_LOG=warn,skunk=debug
# Path to configuration directory. Defaults to `~/.local/feralsec/skunk`.
# This can also be set using the `-c` or `--config` command-line argument.
SKUNK_CONFIG=./my_test_config/
# Serve UI from the workspace and enable auto-reload.
SKUNK_UI_DEV=1
# Sets the country-code for running hostapd. This is required, when using hostapd.
HOSTAPD_CC=US
You can also put your environment variables in a .env file.