Proxify
Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally, a replay utility allows to import the dumped traffic (request/responses with correct domain name) into BurpSuite or any other proxy by simply setting the upstream proxy to proxify.
Features
Intercept / Manipulate HTTP/HTTPS & NON-HTTP traffic
Invisible & Thick clients traffic proxy support
TLS MITM support with client/server certificates
HTTP and SOCKS5 support for upstream proxy
Traffic Match/Filter and Replace DSL support
Full traffic dump to file (request/responses)
Native embedded DNS server
Plugin Support to decode specific protocols (e.g XMPP/SMTP/FTP/SSH/)
Proxify Traffic replay in Burp
Usage
Usage: ./proxify [flags]
OUTPUT
Option Description -sr, -store-responseStore raw HTTP request/response to output directory (default proxify_logs) -o, -outputOutput file to store proxify logs (default proxify_logs.jsonl) -of, -output-format stringOutput format (jsonl/yaml) (default "jsonl") -dump-reqDump only HTTP requests to output file -dump-respDump only HTTP responses to output file -oca, -out-ca stringGenerate and save CA file to filename
UPDATE
Option Description -up, -updateUpdate proxify to latest version -duc, -disable-update-checkDisable automatic proxify update check
FILTER
Option Description -req-fd, -request-dsl string[]Request Filter DSL -resp-fd, -response-dsl string[]Response Filter DSL -req-mrd, -request-match-replace-dsl string[]Request Match-Replace DSL -resp-mrd, -response-match-replace-dsl string[]Response Match-Replace DSL
NETWORK
Option Description -ha, -http-addr stringListening HTTP IP and port address (ip:port) (default 127.0.0.1:8888) -sa, -socks-addrListening SOCKS IP and port address (ip:port) (default 127.0.0.1:10080) -da, -dns-addr stringListening DNS IP and port address (ip:port) -dm, -dns-mapping stringDomain to IP DNS mapping (e.g., domain:ip,domain:ip,..) -r, -resolver stringCustom DNS resolvers to use (ip:port)
PROXY
Option Description -hp, -http-proxy string[]Upstream HTTP proxies (e.g., http://proxy-ip:proxy-port) -sp, -socks5-proxy string[]Upstream SOCKS5 proxies (e.g., socks5://proxy-ip:proxy-port) -c intNumber of requests before switching to the next upstream proxy (default 1)
EXPORT
Option Description -max-size intMax export data size (request/responses will be truncated) (default 9223372036854775807)
CONFIGURATION
Option Description -config stringPath to the proxify configuration file -ec, -export-config stringProxify export module configuration file (default "$CONFIG/export-config.yaml") -config-directory stringOverride the default config path (default "$CONFIG/proxify") -cert-cache-size intNumber of certificates to cache (default 256) -a, -allow string[]Allowed list of IP/CIDRs to be proxied -d, -deny string[]Denied list of IP/CIDRs to be proxied -pt, -passthrough string[]List of passthrough domains
DEBUG
Option Description -nc, -no-colorNo color -versionVersion -silentSilent -v, -verboseVerbose -vv, -very-verboseVery verbose
Examples
Running Proxify HTTP proxy on port 8888:
proxify Runs an HTTP proxy on custom port 1111:
proxify -http-addr ":1111" TLS pass through: The -pt flag can be used pass through (skip) encrypted traffic without attempting to terminate the TLS connection.
proxify -pt '(.*\.)?google\.co.in.*' Runs an HTTP proxy on port 8888 and forward the traffic to burp on port 8080:
proxify -http-proxy http://127.0.0.1:8080 Runs an HTTP proxy on port 8888 and forward the traffic to the TOR network:
proxify -socks5-proxy 127.0.0.1:9050