Output folder for each host

README.md

@@ -6,7 +6,7 @@ It's useful for saving the traffic as text files and using it to find various da
 It can also be used to apply the [HUNT Methodology](https://github.com/bugcrowd/HUNT) in a more bash friendly way.
 
 ## Install certificate
-Add `ca.crt`, located in the root of this repository, as a trusted certificate either in you browser of in your system, in order to be able to intercept TLS traffic.
+Add `ca.crt`, located in the root of this repository, as a trusted certificate either in you browser or in your system, in order to be able to intercept TLS traffic.
 
 ## Configure browser
 First of all, in order to use ponieproxy, you should set your browser to use ponieproxy as an HTTP proxy.

filters/default.go

@@ -49,6 +49,7 @@ func PopulateUserdata(f *config.Flags) RequestFilter {
 				ReqBody:      string(reqBody),
 				ReqDump:      string(requestDump),
 				FileChecksum: hex.EncodeToString(checksum[:]),
+				Host:         req.URL.Host,
 			}
 
 			req.Body = ioutil.NopCloser(bytes.NewBuffer(reqBody))
@@ -76,7 +77,7 @@ func WriteReq(f *config.Flags) RequestFilter {
 		},
 		Handler: func(req *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
 			ud := ctx.UserData.(UserData)
-			go utils.WriteUniqueFile(ud.FileChecksum, ud.ReqBody, f.OutputDir, ud.ReqDump, "req")
+			go utils.WriteUniqueFile(ud.Host, ud.FileChecksum, ud.ReqBody, f.OutputDir, ud.ReqDump, "req")
 
 			return req, nil
 		},
@@ -108,7 +109,7 @@ func WriteResp(f *config.Flags) ResponseFilter {
 			}
 
 			ud := ctx.UserData.(UserData)
-			go utils.WriteUniqueFile(ud.FileChecksum, ud.ReqBody, f.OutputDir, string(responseDump), "res")
+			go utils.WriteUniqueFile(ud.Host, ud.FileChecksum, ud.ReqBody, f.OutputDir, string(responseDump), "res")
 
 			return res
 		},

filters/filters.go

@@ -18,4 +18,5 @@ type UserData struct {
 	ReqBody      string
 	ReqDump      string
 	FileChecksum string
+	Host         string
 }

filters/utils.go

@@ -24,7 +24,7 @@ func FindInJson(huntType string, huntParam string, reqJsonKeys map[string]struct
 	}
 
 	if fileMsg.String() != "" && flags.HuntOutputFile {
-		utils.WriteUniqueFile(ud.FileChecksum, "", flags.OutputDir, fileMsg.String(), "hunt")
+		utils.WriteUniqueFile(ud.Host, ud.FileChecksum, "", flags.OutputDir, fileMsg.String(), "hunt")
 	}
 
 	if slackMsg.String() != "" && flags.SlackWebHook != "" {
@@ -48,7 +48,7 @@ func FindInQueryParams(huntType string, huntParam string, reqQueryParams map[str
 	}
 
 	if fileMsg.String() != "" && flags.HuntOutputFile {
-		utils.WriteUniqueFile(ud.FileChecksum, "", flags.OutputDir, fileMsg.String(), "hunt")
+		utils.WriteUniqueFile(ud.Host, ud.FileChecksum, "", flags.OutputDir, fileMsg.String(), "hunt")
 	}
 
 	if slackMsg.String() != "" && flags.SlackWebHook != "" {

internal/utils/utils.go

@@ -55,12 +55,13 @@ func CollectJsonKeys(json map[string]interface{}, reqJsonKeys map[string]struct{
  * This means that any request and it's resposne are named with the same hash.
  * This makes it easy to go through and read them, when opened with "vim *"
  */
-func WriteUniqueFile(checksum string, body string, outputDir string, httpDump string, ext string) {
-	if outputDir != "./" {
-		os.MkdirAll(outputDir, os.ModePerm)
-	}
+func WriteUniqueFile(host string, checksum string, body string, outputDir string, httpDump string, ext string) {
+	folderPath := fmt.Sprintf("%v/%v", outputDir, host)
+	filePath := fmt.Sprintf("%v/%v.%v", folderPath, checksum, ext)
 
-	filePath := fmt.Sprintf("%v/%v.%v", outputDir, checksum, ext)
+	if !FileExists(folderPath) {
+		os.MkdirAll(folderPath, os.ModePerm)
+	}
 
 	if !FileExists(filePath) {
 		var constructed string