Intercepting Proxy Application to capture, modify and send custom data from one WebSocket host to another, primarily for penetration testing. Supports WebSocket RFC6455 implementations and Socket.io.
Short for "WebSocket/Socket.io Proxy", this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view all WebSocket and Socket.IO communications between the client and server.
Upstream proxy support also means you can forward HTTP/HTTPS traffic to an intercepting proxy of your choice (e.g. Burp Suite or Pappy Proxy) but view WebSocket traffic in WSSiP. More information can be found on the blog post.
There is an outward bridge via HTTP to write a fuzzer in any language you choose to debug and fuzz for security vulnerabilities. See Fuzzing for more details.
Written and maintained by Samantha Chalker (@thekettu). Icon for WSSiP release provided by @dragonfoxing.
See Releases.
Run the following in your command line:
npx wssip
Using a command line:
# Clone repository locally
git clone https://github.com/nccgroup/wssip
# Change to the directory
cd wssip
# If you are developing for WSSiP:
# npm i
# If not... (as to minimize disk space):
npm i electron
npm i --production
# Yarn version:
# yarn add electron
# yarn install --production
# Start application:
npm start
# or yarn:
# yarn start
WSSiP provides an HTTP bridge via the man-in-the-middle proxy for custom applications to help fuzz a connection. These are accessed over the proxy server.
A few of the simple CA certificate downloads are:
Returns whether the WebSocket id is connected to a web server, and if so, return information.
URL
URL Params
id=[integer]
Success Response (Not Connected)
{connected: false}Success Response (Connected)
{connected: true, url: 'ws://echo.websocket.org', bytesReceived: 0, extensions: {}, readyState: 3, protocol: '', protocolVersion: 13}Send WebSocket data.
URL
URL Params
Required:
id=[integer]
sender one of client or server
mode one of message, ping or pong
type one of ascii or binary (text is an alias of ascii)
Optional:
log either true or y to log in the WSSiP application. Errors will be logged in the WSSiP application instead of being returned via the REST API.
Data Params
Raw data in the POST field will be sent to the WebSocket server.
Success Response:
{success: true}Error Response:
{success: false, reason: 'Error message'}Pull requests are welcomed and encouraged. WSSiP supports the debug npm package, and setting the environment variable DEBUG=wssip:* will output debug information to console.
There are two commands depending on how you want to compile the Webpack bundle: for development, that is npm run compile:dev and for production is npm run compile. React will also log errors depending on whether development or production is specified.
Currently working on:
For information on using the mitmengine class, see: npm, yarn, or mitmengine/README.md
FAQs
Intercepting Proxy Application to capture, modify and send custom data from one WebSocket host to another, primarily for penetration testing. Supports WebSocket RFC6455 implementations and Socket.io.
We found that wssip demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Socket detected malicious node-ipc versions with obfuscated stealer/backdoor behavior in a developing npm supply chain attack.
Security News
TeamPCP and BreachForums are promoting a Shai-Hulud supply chain attack contest with a $1,000 prize for the biggest package compromise.
Security News
Packagist urges PHP projects to update Composer after a GitHub token format change exposed some GitHub Actions tokens in CI logs.