Proxy, http analyzer, mitm, transparent proxy
NO NEED FOR ROOTED PHONE
Why would you use it:
- behind corporate firewall/proxy, needing to connect to squid, isa/forefront proxy with authentication
http://code.google.com/p/sandrop/wiki/HowToConnectToOtherProxy
- developer to examine http traffic, with embedded chrome devtools that can be used as ide
- security analyst examining how apps communicate with servers
- ...
Features:
- can act as pass-through proxy, traffic is not stored, ssl tunnel remains the same to server.
- capture,intercept request/response, replay, change before sending further
- can use client certificate to make connection to web server
- creates server certificates on the fly with proper host name
- transparent proxy needs superuser, su, iptables (1.4.10 or higher) to listens on port 80, 443
- request/response are stored as files so can be examined later on
- can bind only local or on all adapters
- client cache headers can be removed so content is always fetched from server (no 304 Not Modified responses)
- custom proxy plugins http://code.google.com/p/sandrop/issues/detail?id=31
- custom search criteria on show request/responses with scripting
- can connect to another proxy (Squid, ISA proxy, ForeFront TMG proxy) (basic, digest, ntlm authentication supported)
- can act as web server to filter/examine captured data
- can connect to insecure sites, switch on/off in preferences
- can use chrome devtools to examine captured data
- chorme devtools 3D panel
- websockets support
!!!!
there are ads on log tab and google analytic events on switching tabs
sorry for that
!!!!
custom proxy plugins:
manual requests:
market.android.com/details?id=org.sandroproxy
http://code.google.com/p/sandrop/
Proxy acts as SSL man-in-the-middle. It generates sites certificates on the fly.
Issuer is named UNTRUSTED.
Based on WebScarab so all credits goes there.
www.owasp.org/index.php/Category:eek:WASP_WebScarab_Project
********************
Requests/Responses are stored in getExternalCacheDir()
/mnt/sdcard/Android/data/org.sandroproxy/cache
http://developer.android.com/reference/android/content/Context.html#getExternalCacheDir()
There is no security enforced with these files. All applications can read and write files placed here.
********************
Use stock browser and change that wi-fi uses proxy on localhost:8008
code.google.com/p/sandrob/issues/detail?id=41#c27
Copy from app thread, because it can also be used as development tool.
For example to store application/server http/https comunication.
Last edited: