muraena v1.6 releases: almost-transparent reverse proxy aimed at automating phishing and post-phishing activities
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
The tool re-implements the 15-years old idea of using a custom reverse proxy to dynamically interact with the origin to be targeted, rather than maintaining and serving static pages.
Written in Go, Muraena does not use slow-regexes to do replacement magic and embeds a crawler (Colly) that helps to determine in advance which resource should be proxied.
Muraena does the bare minimum to grep/replace origins in request/responses: this means that for complex origins extra manual analysis might be required to tune the auto-generated JSON configuration file. Hence, do not expect the reverse proxy to work straight out of the box for complex origins.
The config folder has some examples of custom replacements needed on complex origins likes GSuite, Dropbox, GitHub, and others.
This tool showcased in HITB Secconf 2019 ARMS.
- Add support to blacklist visitors by User-Agent #61
- Update tracking.go
- Fix config files
Copyright (c) 2019, antisnatchor & ohpe
All rights reserved.