This is a non-IMPACT record, meaning that access to the data is not
controlled by IMPACT. For access, see the directions below.
Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.
Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.
Summary
DS-1317
Modlishka
External Tool
External Data Source
GitHub
Unknown
Unknown
56 (lowest rank is 56)
Description
Modlishka is a powerful and flexible HTTP reverse proxy.
Modlishka implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows to transparently proxy multi-domain destination traffic, both TLS and non-TLS, over a single domain, without a requirement of installing any additional certificate on the client.
Modlishka can be currently used to:
Support ethical phishing penetration tests with a transparent and automated reverse proxy component that has a universal 2FA "bypass" support.
Automatically poison HTTP 301 browsers cache and permanently hijack non-TLS URLS.
Diagnose and hijack browser-based applications HTTP traffic from the "Client Domain Hooking" attack perspective.
Wrap legacy websites with TLS layer, confuse crawler bots and automated scanners, etc.
Additional Details
2.3MB
false
Unknown
modlishka, 1317, source, inferlink corporation, external, inferlink, corporation, external data source, http, proxy, reverse, flexible, powerful, tls, traffic, domain, hijack, support, based, browser, automated, client, applications, universal, penetration, perspective, wrap, requirement, poison, ethical, component, websites, 301, bypass, diagnose, handling, single, 2fa, destination, attack, confuse, crawler, tests, permanently, browsers, transparently, bots, cache, phishing, flow, multi, implements, scanners, urls, layer, transparent, installing, certificate, hooking, automatically, additional, legacy, other, approach