
Updated README.md + TODO file

drk1wi committed May 21, 2019
1 parent 152e814 commit 10d19cb6ff5b358c0fdc3e5ddc63d3b948402c6f
Showing with 10 additions and 7 deletions.
  1. +4 −3 README.md
  2. +6 −4 TODO
@@ -3,8 +3,9 @@
Modlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new approach of handling HTTP traffic flow, which allows to transparently proxy multi-domain destination TLS traffic over a single domain TLS certificate in an automated manner. What does this exactly mean? In short, it simply has a lot of potential, that can be used in many interesting ways...

From the security perspective, Modlishka can be currently used to:
- Hijack application HTTP TLS traffic flow through the "Client Domain Hooking" attack.
- Help penetration testers to carry out a modern ethical phishing campaign that requires a universal 2FA “bypass” support.
- Hijack application HTTP TLS traffic flow and perform a HTTP 301 Cache poisoning attack.
- Wrap legacy websites with TLS layer, confuse crawler bots and automated scanners, etc.
- TBC

Modlishka was written as an attempt overcome standard reverse proxy limitations and as a personal challenge to see what is possible with sufficient motivation and a bit of extra research time.
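Review bot: In the "From the security perspective" list, the two bullets that open with "Hijack application HTTP TLS traffic flow" repeat the same wording and are split apart by the phishing bullet; place them together or merge them into one bullet that names both the "Client Domain Hooking" and the HTTP 301 cache poisoning cases. The "- TBC" item is a placeholder and reads as unfinished in a README, so drop it until there is something to list. The last line of the hunk, "written as an attempt overcome", is missing "to".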
@@ -35,10 +36,10 @@ Some of the most important 'Modlishka' features :
- Stateless design. Can be scaled up easily to handle an arbitrary amount of traffic - e.g. through a DNS load balancer.
- Can be extended easily with your ideas through modular plugins.
- Automatic TLS certificate generation plugin for the proxy domain (requires a self-signed CA certificate)
- Written in Go, so it works basically on all platforms: Windows, Linux, BSD, ARM supported...
- Written in Go, so it works basically on all platforms and architectures: Windows, OSX, Linux, BSD supported...

**Security related:**
- "[Client Domain Hooking](https://blog.duszynski.eu/hijacking-browser-tls-traffic-through-client-domain-hooking/)" attack in form of a diagnostic module.
- "[Client Domain Hooking](https://blog.duszynski.eu/client-domain-hooking-in-practice/)" attack in form of a diagnostic module.
- Support for majority of 2FA authentication schemes (out of the box).
- User credential harvesting (with context based on URL parameter passed identifiers).
- Web panel plugin with a summary of automatically collected credentials and one-click user session impersonation module (beta POC).
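Review bot: The reworded "Written in Go" bullet claims "all platforms and architectures" but lists only operating systems (Windows, OSX, Linux, BSD) and no longer mentions ARM, which the other version of the line listed; either keep ARM in the list or drop "and architectures". The "Client Domain Hooking" link also switches to a different blog post (client-domain-hooking-in-practice), so check whether the earlier write-up should still be referenced somewhere in the README.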
10 TODO
@@ -1,11 +1,13 @@
# This is a TODO file with the most important long and short term tasks for this project.
# Help always appreciated :-)
# Help always kindly appreciated :-)

- Create a logo image
- Move all of the phishing related functionalities to a seperate plugin
- Extend "Domain Client Hooking" plugin with more diagnosing features
- Move all of the phishing related functionalities to a seperate, dedicated, plugin
- Extend "Domain Client Hooking" plugin with more diagnosing features, visualisation and other useful features.
- Improve control plugin: session impersonation
- Write support for NTLM authentication
- Write support for NTLM authentication. Possibly others as well.
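Review bot: The plugin is named "Domain Client Hooking" in both versions of that TODO item, while the README changed in this same commit calls it "Client Domain Hooking"; use one name throughout. "seperate" is still misspelled in the reworded phishing item ("seperate, dedicated, plugin"), and the comma after "dedicated" should be removed. "Possibly others as well" on the NTLM item is too vague to act on; name the authentication schemes or leave the sentence out.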