DerekHaber/Argus-Proxy

Argus Proxy

Argus Proxy is a lightweight, interactive HTTP intercepting proxy and web application security scanner written in Java. It is designed to help security professionals and developers analyze HTTP traffic, manipulate requests, and detect security vulnerabilities.

Key Features

  • Intercepting Proxy: Capture, modify, forward, or drop HTTP/HTTPS requests in real time.
  • Active & Passive Scanner: Automatically detect vulnerabilities such as:
    • Reflected Cross-Site Scripting (XSS)
    • SQL Injection (Error-based)
    • Path Traversal
    • Security Header Misconfigurations
    • Sensitive Information Disclosure
  • Fuzzer: A powerful payload generator for brute-forcing and fuzzing parameters. Includes built-in quick-select wordlists for XSS, SQLi, usernames, passwords, and more.
  • Resend Tool: Manually modify and replay individual requests (similar to Repeater).
  • Spider/Crawler: Automatically crawl web applications to map out the attack surface.
  • Project Management: Save and load your work (traffic logs, identified issues, and tool configurations).
  • Dashboard: Real-time monitoring of active scan jobs and discovered issues.

Prerequisites

  • Java Development Kit (JDK): Version 17 or higher is required.
  • Gradle: The project includes a Gradle wrapper (gradlew), so a local installation is not strictly necessary.

Installation & Building

  1. Clone the repository:

    git clone https://github.com/DerekHaber/Argus-Proxy.git
    cd Argus-Proxy
  2. Build the project using Gradle:

    • Windows:
      .\gradlew build
    • Linux/macOS:
      ./gradlew build

Running Argus

To start the application directly via Gradle:

./gradlew run

Alternatively, you can run the generated JAR file from the build/libs directory after building.

Configuration Guide

1. Setting up the Proxy in Your Browser

By default, Argus listens on 127.0.0.1:8081. You can change this in the application under File > Settings.

To inspect web traffic, configure your browser to route traffic through Argus:

  1. Open your browser's proxy settings (or use an extension like FoxyProxy).
  2. Set the HTTP and HTTPS proxy to:
    • IP: 127.0.0.1
    • Port: 8081

2. Installing the SSL Certificate (HTTPS Support)

To inspect HTTPS traffic, Argus acts as a Man-in-the-Middle (MITM). You must install the Argus Root CA certificate in your browser or operating system.

  1. Launch Argus.
  2. Go to File > Export Root CA Certificate....
  3. Save the .crt file to your computer.
  4. Import into Browser/OS:
    • Windows (System-wide): Double-click the .crt file -> Install Certificate -> Current User -> Place all certificates in the following store -> Browse -> Trusted Root Certification Authorities.
    • Firefox: Settings -> Privacy & Security -> Certificates -> View Certificates -> Import -> Select the .crt file -> Check "Trust this CA to identify websites".
    • Chrome/Edge: Uses the Windows system store (see above).

Note: If you see "Certificate Errors" in your browser, ensure the certificate is installed in the Trusted Root store, not just the Personal store.
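
To confirm what the exported file contains before trusting it, the following added example (not part of Argus or its repository) inspects the certificate with openssl and tests interception with curl while trusting only that file. The file names, the ARGUS_PROXY variable and the function names are assumptions; the openssl checks accept PEM or DER, while curl's --cacert needs PEM.

```shell
#!/bin/sh
# Added example, not part of Argus. Function names and ARGUS_PROXY are
# hypothetical; pass the path of the .crt exported from Argus.

# Query a certificate that may be PEM or DER encoded (encoding is assumed).
x509_query() {
    cert=$1; shift
    openssl x509 -in "$cert" -inform PEM -noout "$@" 2>/dev/null ||
    openssl x509 -in "$cert" -inform DER -noout "$@" 2>/dev/null
}

# SHA-256 fingerprint, to compare with the value shown by the browser or
# OS certificate viewer after import.
ca_fingerprint() {
    x509_query "$1" -fingerprint -sha256 | cut -d= -f2
}

# Return 0 if the file is a CA certificate valid for at least $2 more days
# (default 1), 1 if it cannot be parsed or is not marked CA:TRUE,
# 2 if it expires too soon.
ca_is_usable() {
    days=${2:-1}
    x509_query "$1" -text | grep -q 'CA:TRUE' || return 1
    x509_query "$1" -checkend $((days * 86400)) >/dev/null || return 2
}

# Print the HTTP status of a request sent through the proxy while trusting
# only the exported CA (PEM), so nothing is added to a system trust store.
via_proxy_status() {
    curl -sS -o /dev/null -w '%{http_code}\n' \
        -x "${ARGUS_PROXY:-http://127.0.0.1:8081}" --cacert "$1" "$2"
}

# Example session (the last command needs Argus running):
#   ca_fingerprint argus-ca.crt
#   ca_is_usable argus-ca.crt 30 && echo "CA ok"
#   via_proxy_status argus-ca.pem https://example.com/
```

Importing the certificate only into a dedicated Firefox profile keeps trust in the proxy CA limited to that profile rather than every application that uses the Windows store.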

Usage Overview

Dashboard

The landing page showing active scan jobs and a summary of all discovered security issues. You can toggle between the "Issues" table and the "Scan Log" to see real-time crawler activity.

Target

Displays the site map of accessed URLs. Right-click on any node to:

  • Active Scan: Aggressively test the specific endpoint.
  • Crawl & Scan: Spider the host and scan discovered URLs.

Proxy

  • Intercept: Toggle interception on/off. When ON, requests hang until you click Forward or Drop.
  • HTTP History: A log of all traffic passing through the proxy.
  • Filter: Apply filters by keyword, regex, or content type (e.g., hide images/CSS).

Resend

Send a request from the Proxy history to this tab to manually modify headers or body parameters and observe the response. Useful for manually testing application logic.

Fuzzer

Send a request to the Fuzzer to automate attacks.

  1. Highlight the part of the request you want to fuzz (e.g., a parameter value).
  2. Click Add Markers (§).
  3. Choose a Payload Set (load from file or use the Load Built-in... button for default wordlists like XSS, SQLi, etc.).
  4. Click Start Attack.

Troubleshooting

  • Port Conflict: If Argus fails to start, port 8081 might be in use. Go to File > Settings to change the listener port.
  • Browser Connection Error: Ensure the proxy settings in your browser match the IP/Port in Argus.
  • HTTPS Errors: Re-install the Root CA certificate. You can also regenerate a new CA via File > Regenerate Root CA... if the old one expires or is compromised (requires re-installation in the browser).
