PEnetration TEsting Proxy: open-source Java application for traffic analysis & modification
PEnetration TEsting Proxy
PETEP (PEnetration TEsting Proxy) is an open-source Java application for creating proxies for traffic analysis & modification. The main goal of PETEP is to provide a useful tool for performing penetration tests of applications with various protocols (on TCP/UDP) by setting up proxies and interceptors to manage the traffic transmitted between the client and the server.
Features
The latest PETEP version has the following protocol support:
- TCP proxy with SSL/TLS support
- UDP proxy
There are the following functionalities:
- External HTTP proxy – support for tunneling the TCP traffic through HTTP proxies like Zaproxy, Burp Suite, etc
- Logger – basic text file logging of intercepted traffic
- Tagger – rules for tagging protocol data units for easier modification rules and history filtering
- Modifier – rules for automatic traffic modification (e.g. replacing bytes)
- Catcher – manual traffic interception and modification
- History – history of traffic that was intercepted by PETEP with filtering support
- Repeater – manual sending and editing of protocol data units
- Scripter – basic support for JS scripts for custom traffic processing
- Connections – management of active connections
Detailed descriptions of all modules can be found in the official User Guide.
Scripter extension
In order to use the Scripter extension, it is recommended to use GraalVM, since the implementation is built using GraalVM Polyglot. Since GraalVM 22.2, you might need to install the scripting language in the GraalVM using gu install js.
Tunnel TCP through an HTTP proxy like Burp or Zaproxy
In order to test TCP communication using existing HTTP proxies like Burp Suite, OWASP Zap etc.), you can use PETEP external HTTP proxy module, which allows you to tunnel the TCP communication through these proxies.
The external HTTP proxy module wraps the TCP communication inside HTTP, which is sent through the proxy. Repeating the packets is also supported as long as the connection is alive, so Burp Intruder/Repeater and Zaproxy Requester/Fuzzer can also be used for TCP communication.
For more information, see User Guide – External HTTP Proxy.
Note: If you only want to use PETEP as the tunnel for sending the TCP through HTTP proxies, I would recommend setting it up in GUI mode and then running it in NO-GUI mode (PETEP [project_path] --nogui).
SSL/TLS, STARTTLS proxy support
PETEP supports TCP proxy with SSL/TLS and STARTTLS. In order to use these, you have to provide certificate, since the application does not generate it itself. For certificate generation, there are many tools that can be used, but one of them is part of Java binaries (%JAVA_HOME%/bin/keytool).
To generate a certificate in JKS keystore, you can use the following command:
keytool -genkey -alias petep -keyalg RSA -validity 3650 -keysize 4096 -keystore server.jks
Note: It is recommended to store these certificates alongside the project (project_dir/conf/server.jks)
Install & Use
Copyright PETEP © 2023 Michal Válka
