Before I write up how I potentially reinvented a wheel, is there an existing tool that redirects all IP traffic to a specific host, for testing malware/exploits? e.g.:
- All DNS lookups resolve to that host
- All IP addresses route to that host
- HTTPS traffic goes to that host
Perhaps these are features that some sort of sandbox tool already implements. But maybe not talking to hosts on the live internet isn't a concern with such tools? The idea here is to have a local-vm-only env. where SW can try to connect to any host, but it all goes to one place.
Not a distinct tool for the source host, but I set the default route of the source to a destination host and configure iptables DNAT on the PREROUTING rule to rewrite any incoming IP packet to the destination. That's assuming a Linux-based destination of course.
Yeah, this is basically CERT Tapioca + DNAT to do rewriting. mitmproxy does the HTTPS rewriting/interception. So in the end, you have a VM that provides network connectivity to whatever you're looking at, and everything gets re-routed to the Tapioca machine itself.
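The default-route-plus-DNAT setup described in the two replies above, as an added example (not code from anyone in the thread). The interface `eth1` and address `10.0.0.1` are constructed sample values, the helper name `sink_rules` is hypothetical, and the FORWARD DROP policy is an added assumption so that nothing is routed onward from the sink host.

```shell
#!/bin/sh
# Added example, not from the thread. Run on the Linux sink ("destination") host.
# Prints an iptables-restore rule set; nothing is applied unless you pipe it.

sink_rules() {
    # $1 = interface facing the isolated VM network (constructed sample: eth1)
    # $2 = sink host's own IPv4 address on that interface (constructed: 10.0.0.1)
    sink_if=$1
    sink_ip=$2
    # Reject anything that could smuggle extra tokens into the rule lines.
    case $sink_if in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $sink_if" >&2; return 1 ;;
    esac
    case $sink_ip in
        ''|*[!0-9.]*) echo "bad IPv4 address: $sink_ip" >&2; return 1 ;;
    esac
    # nat/PREROUTING: rewrite every packet arriving from the VM network that is
    # not already addressed to the sink so that it terminates on the sink.
    # filter/FORWARD DROP: anything that escapes the rewrite is not routed on.
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i $sink_if ! -d $sink_ip -j DNAT --to-destination $sink_ip
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# On the analysis VM:    ip route replace default via 10.0.0.1
# On the sink, as root:  sink_rules eth1 10.0.0.1 | iptables-restore
if [ "$#" -eq 2 ]; then
    sink_rules "$1" "$2"
fi
```

`iptables-restore` replaces the existing contents of the nat and filter tables, so this belongs on a dedicated sink VM. The rules only deliver packets to the sink; the services that answer them (a DNS responder, mitmproxy for HTTPS as mentioned above) still have to be listening there.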
http://www.inetsim.org might be what you are looking for... http://www.mock-server.com does HTTP/s