Websecurify

Regular updates about Websecurify free and premium website scanners, proxies, fuzzers and insight knowledge about SQL Injection, Cross-site Scripting and other vulnerabilities

Landing Proxy.app

We are happy to announce the new addition to our toolkit: Proxy.app - a native intercepting proxy designed specifically for Mac OS X.

Proxy.app is a wonderful intercepting proxy written on top of several native technologies available exclusively to Mac OS X. It is very fast, good to your memory and simply beautiful all around with gorgeous native sidebars, inspectors, syntax highlighting editors (done from scratch) and loads of other things that makes it just the best intercepting proxy for Apple's operating system.

Here is a summary of some of the main features:

Native Experience

When we started writing Proxy.app we wanted a native application that works together with the rest of the technology stack. We wanted something fast and super efficient in order to bring the world of desktop proxies to a new age. Unfortunately most proxies these days are not native. The majority of them are written on top of Java which is no longer a suitable desktop application environment specifically for Mac OS X due to lack of support from Apple themselves.

Proxy.app is different because it is completely native. There is no sluggishness. It loads in just several megabytes of memory and operates in just a fraction of what is typically needed for a Java-based proxy. It has native menus, shortcuts and other native elements that fit nicely with the rest of the applications on Mac. It integrates well with all kinds of native services and frameworks available to Cocoa applications.

Open File Format

Proxy.app can store your proxy sessions into file bundles with extension .proxy. Underneath you will find an SQLite data storage which you can introspect in whichever way you want. Working with .proxy files is just a breeze. They are automatically integrated into the operating system with meta-data support and other capabilities.

Proxy files are fast to load, save and move around regardless of their size. The other proxies available today will take a considerable amount of time to load, save, export their data and when they crash, they often loose your entire work. Proxy.app is not like this. It saves automatically, i.e. it is crash resistant. Data is loaded instantaneously without any waiting. Loading, saving, renaming and working with files just takes a moment.

Sandbox By Default

We chose to use sandboxing for the proxy to make you feel better about the tool and the kinds of things it does. This way you know that Proxy.app is at least protected at operating system level and does only what is supposed to do and nothing else. This is one of the extra steps that we took to ensure that this tool is as native and as cutting-edge as possible. It is also a assurance that Proxy.app will move with any trends introduced by Apple.

Request/Response Tampering

We have implemented a full featured request/response tampering capabilities into the proxy so that you can modify anything that goes in transit. HTTP is automatically transformed to fit into various use-cases and we can even dynamically recalculate content length and other HTTP specific data that is required to process RFC-compliant requests and responses. All of this is done via a powerful HTTP editor that supports syntax highlighting and many other features.

SSL Man In The Middle

In this day and age SSL interception is a must so we have added features to intercept and observe SSL traffic but with native support of the Mac OS X Keychain. Working with Proxy.app is the easiest way to get you started. It does not present the user with multiple hurdles just to do basic operations. SSL interception works out of the box and we have plans to improve further these capabilities.

Current State and Future plans

You can download the ALPHA release of Proxy.app today. Although, labelled as ALPHA, this release is stable and fully functional. We are aware of a few minor bugs that we will fix with the upcoming release. We will also fix anything else reported by the community and introduce a few new features.

The current plan is to put the tool on the app store together with several other tools that we are currently working on. We may also decide to keep and support a public version but this hasn't been confirmed yet. We are more than happy to hear your opinion.

Don't forget to let us know what you think.

Comments Powered ByDisqus