NOTICE: This is only for ethical hacking in RedTeams.
NOTICE: You are the one who is responsible for legal issues, this is only source code, its not for production or enterprise usage.
How many of your employees take care about their cyber security?
Are you interested in this topic?
If you are interested to this subject, just setup this project and create a full proxy of frontend-backend stack. This code will do A Man In The Middle Attack , thats it.
(THEIR) UPSTREAM <-> (OUR) Nginx Reverse Proxy <-> Target Users
pip install -r requirements.txt
We need a redis server also, just install it :)
- Setup ssl in the nginx configurations or by SSL-Termination.
- Change example.com and api.example.com to the upstream domain.
- Check
https://api.our-domain.com/djangoadmin/ - Create a superuser with
python manage.py createsuperuser - Run the celery worker
celery -A redproxy.celery worker -l INFO - Run this projcet
uvicorn redproxy.asgi:application - Try to do some deceptive actions, sending mail from an unknown sender, sms, etc, to make targets use our-domain.com instead of the original.
You are done! know set a meeting with the weak points of security and tell them do NOT be a VICTIM.
Good Luck :)
