rawproxy

package
v0.29.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2026 License: MIT Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CloseCapture 

func CloseCapture(w *bufio.Writer, f *os.File) error

func CreateMITMUpstreamTransport 

func CreateMITMUpstreamTransport(host string, fingerprint BrowserFingerprint) *http.Transport

CreateMITMUpstreamTransport creates a transport specifically for MITM upstream connections with browser-like TLS fingerprint to bypass Cloudflare

func DialUTLS 

func DialUTLS(ctx context.Context, addr, serverName string, fingerprint BrowserFingerprint) (net.Conn, error)

DialUTLS creates a direct uTLS connection for WebSocket or other raw connections

func FileExists 

func FileExists(p string) bool

FileExists checks if a file exists

func GetCachedProto 

func GetCachedProto(host string) string

GetCachedProto returns the cached protocol for a host (e.g. "h2" or "http/1.1"). Returns empty string if the host hasn't been probed yet. This allows other packages to check the actual upstream protocol.

func GetTransportForHost 

func GetTransportForHost(scheme, host string) http.RoundTripper

GetTransportForHost returns an appropriate transport for the given scheme and host For HTTPS, it creates a uTLS round tripper to mimic browser TLS fingerprint For HTTP, it uses the shared plain HTTP transport

func GetUTLSRoundTripper 

func GetUTLSRoundTripper(host string, fingerprint BrowserFingerprint) http.RoundTripper

GetUTLSRoundTripper returns a UTLSRoundTripper for the given host This is the preferred way to make HTTP requests with browser TLS fingerprint

func HandleWebSocketConnect 

func HandleWebSocketConnect(clientConn net.Conn, target string, reqDump []byte, requestID string, config *Config)

func HandleWebSocketUpgrade 

func HandleWebSocketUpgrade(w http.ResponseWriter, r *http.Request, requestID string, config *Config)

func MitmHTTPS 

func MitmHTTPS(clientConn net.Conn, connectReq *http.Request, requestID string, config *Config)

MitmHTTPS terminates TLS with client, sends requests upstream over TLS, captures both sides Supports both HTTP/1.1 and HTTP/2 automatically via ALPN negotiation

func ProxyHandler 

func ProxyHandler(w http.ResponseWriter, r *http.Request, config *Config)

ProxyHandler is the main HTTP proxy handler

func StartCaptureFile 

func StartCaptureFile(r *http.Request, reqDump []byte, respHeader []byte, config *Config) (string, *bufio.Writer, *os.File, error)

StartCaptureFile writes the request section and response headers, returning the file path and writer.

func StartWebSocketTunnel 

func StartWebSocketTunnel(clientConn, serverConn net.Conn, wsCtx *WebSocketContext, clientBuf *bufio.ReadWriter, config *Config)

Types

type BrowserFingerprint 

type BrowserFingerprint int

BrowserFingerprint represents different browser TLS fingerprints to mimic 

const (
	FingerprintChrome BrowserFingerprint = iota
	FingerprintFirefox
	FingerprintSafari
	FingerprintEdge
	FingerprintRandom // Randomly pick one
)

type Config 

type Config struct {
	// Certificate folder (optional - only for cert files)
	ConfigFolder string // Folder for certificate files only (ca.crt, ca.key)

	// Server settings (optional - defaults provided)
	ListenAddr   string        // Address to listen on (default: ":8080")
	ReadTimeout  time.Duration // HTTP read timeout (default: 10m, high to support intercept)
	WriteTimeout time.Duration // HTTP write timeout (default: 10m, high to support intercept)
	IdleTimeout  time.Duration // HTTP idle timeout (default: 10m, high to support intercept)

	// Output settings (optional - defaults provided)
	OutputDir    string // Directory for HTTP/HTTPS captures (default: "captures")
	WebSocketDir string // Directory for WebSocket captures (default: "<OutputDir>/websockets")

	// MITM settings (optional - if nil, HTTPS will be tunneled without inspection)
	MITM     *MitmCA // MITM CA certificate
	CertPath string  // Path to CA certificate (default: "<ConfigFolder>/ca.crt" or "cert/ca.crt")
	KeyPath  string  // Path to CA key (default: "<ConfigFolder>/ca.key" or "cert/ca.key")

	// Handlers (optional)
	OnRequestHandler          OnRequestHandler          // Custom request handler
	OnResponseHandler         OnResponseHandler         // Custom response handler
	OnWebSocketMessageHandler OnWebSocketMessageHandler // Custom websocket message handler

	// Internal (optional - will be created if nil)
	ReqCounter *atomic.Uint64 // Request counter for unique IDs
}

Config holds the proxy configuration

type MitmCA 

type MitmCA struct {
	// contains filtered or unexported fields
}

func GenerateMITMCA 

func GenerateMITMCA(dir string) (*MitmCA, string, string, error)

GenerateMITMCA generates a new MITM CA certificate and private key

func LoadMITMCA 

func LoadMITMCA(certPath, keyPath string) (*MitmCA, error)

func (*MitmCA) CertForHost 

func (m *MitmCA) CertForHost(host string) (*tls.Certificate, error)

type OnRequestHandler 

type OnRequestHandler func(reqData *RequestData, req *http.Request) (*http.Request, error)

type OnResponseHandler 

type OnResponseHandler func(reqData *RequestData, resp *http.Response, req *http.Request) (*http.Response, error)

type OnWebSocketMessageHandler 

type OnWebSocketMessageHandler func(msg *WebSocketMessage) error

type Proxy 

type Proxy struct {
	// contains filtered or unexported fields
}

Proxy represents a proxy server instance

func New 

func New(config *Config) (*Proxy, error)

New creates a new proxy instance with the given configuration

func (*Proxy) GetConfig 

func (p *Proxy) GetConfig() *Config

GetConfig returns the proxy configuration

func (*Proxy) SetRequestHandler 

func (p *Proxy) SetRequestHandler(handler OnRequestHandler)

SetRequestHandler sets the request handler function

func (*Proxy) SetResponseHandler 

func (p *Proxy) SetResponseHandler(handler OnResponseHandler)

SetResponseHandler sets the response handler function

func (*Proxy) SetWebSocketMessageHandler 

func (p *Proxy) SetWebSocketMessageHandler(handler OnWebSocketMessageHandler)

SetWebSocketMessageHandler sets the websocket message handler function

func (*Proxy) Start 

func (p *Proxy) Start() error

Start starts the proxy server (blocking)

func (*Proxy) Stop 

func (p *Proxy) Stop(ctx context.Context) error

Stop gracefully shuts down the proxy server

type RequestData 

type RequestData struct {
	RequestID string      // Unique request ID
	HttpProto string      // Actual upstream protocol used (e.g. "HTTP/1.1", "HTTP/2.0")
	Data      interface{} // Custom data (e.g., UserData, metadata, etc.)
}

RequestData holds data that can be passed from request handler to response handler

type UTLSRoundTripper 

type UTLSRoundTripper struct {
	// contains filtered or unexported fields
}

UTLSRoundTripper is an http.RoundTripper that uses uTLS for TLS connections and properly handles HTTP/2 based on ALPN negotiation

func NewUTLSRoundTripper 

func NewUTLSRoundTripper(serverName string, fingerprint BrowserFingerprint) *UTLSRoundTripper

NewUTLSRoundTripper creates a new round tripper with browser fingerprint spoofing

func (*UTLSRoundTripper) RoundTrip 

func (rt *UTLSRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements http.RoundTripper

type WebSocketContext 

type WebSocketContext struct {
	RequestID string // Proxy request ID
	Host      string // WebSocket server host
	Path      string // WebSocket endpoint path
	URL       string // Full URL
	// contains filtered or unexported fields
}

WebSocketContext tracks metadata for a WebSocket connection

func (*WebSocketContext) NextIndex 

func (ctx *WebSocketContext) NextIndex() int

NextIndex increments and returns the next message index

type WebSocketMessage 

type WebSocketMessage struct {
	RequestID string    // Proxy request ID (e.g., req-00000001)
	Index     int       // Message sequence number within connection
	Host      string    // WebSocket server host
	Path      string    // WebSocket endpoint path
	URL       string    // Full WebSocket URL
	Direction string    // "send" (client→server) or "recv" (server→client)
	Type      string    // Frame type: text, binary, close, ping, pong
	IsBinary  bool      // Quick check for binary content
	Payload   []byte    // Message content
	Timestamp time.Time // When captured
}

WebSocketMessage contains all context for a captured WebSocket message

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.