modlishka

We have hosted the application modlishka in order to run this application in our online workstations with Wine or directly.

Quick description about modlishka:

Modlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows to transparently proxy of multi-domain destination traffic, both TLS and non-TLS, over a single domain, without the requirement of installing any additional certificate on the client. What exactly does this mean? In short, it simply has a lot of potential, that can be used in many use case scenarios. Modlishka was written as an attempt to overcome standard reverse proxy limitations and as a personal challenge to see what is possible with sufficient motivation and a bit of extra research time. The achieved results appeared to be very interesting and the tool was initially released and later updated.

Features:

• Support ethical phishing penetration tests with a transparent and automated reverse proxy component that has a universal 2FA �bypass� support
• Automatically poison HTTP 301 browsers cache and permanently hijack non-TLS URLS
• Diagnose and hijack browser-based applications HTTP traffic from the "Client Domain Hooking" attack perspective
• Wrap legacy websites with TLS layer, confuse crawler bots and automated scanners, etc.
• Highlight currently used two factor authentication (2FA) scheme weaknesses, so adequate security solutions can be created and implemented by the industry
• Support other projects that could benefit from a universal and transparent reverse proxy

Programming Language: Go.
Categories: