Skip to content
This repository was archived by the owner on Feb 8, 2020. It is now read-only.
/ bandit-proxy Public archive

🔫 A dangerous proxy for unrestricted XHR access in browser

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

willnode/bandit-proxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
insensitive-object.js
insensitive-object.js
 
 
package.json
package.json
 
 
proxy.js
proxy.js
 
 
server.js
server.js
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

bandit-proxy

A proxy for web testing. Accompanying willnode/bandit XHR tools.

With this proxy any website that opened in your browser can:

  • Making XHR Bypassing CORS + Cache Control
  • Inject to protected HTTP Request Header (cookie, hostname, dsb.)
  • Fully read HTTP Response returned from XHR

All done without any rate-limitation, without compromising browser security.

Installation

git clone https://github.com/willnode/bandit-proxy
cd bandit-proxy
yarn
node server

Then set the bandit XHR proxy to the address shown (e.g. localhost:7070).

TODO

More options, more fine-grained testing features.

A Securiy Breach

Don't leave this proxy run on casual browsing, please.

About

🔫 A dangerous proxy for unrestricted XHR access in browser

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages