Xepor

Overview

Xepor is a web routing framework designed for reverse engineers and security researchers, offering a Flask-like API to intercept and modify HTTP requests and responses in a user-friendly coding style. This project, compatible with mitmproxy, allows users to write scripts with Xepor and run them for various purposes, from proof of concept to production-level implementations.

Features

• Flask-like API: Code everything with @api.route(), similar to Flask.
• Multiple URL Routes: Handle multiple URL routes and hosts in one InterceptedAPI instance.
• Request and Response Modification: Ability to modify requests before connecting to servers and responses before forwarding to users.
• Blacklist/Whitelist Mode: Choose between allowing only defined URL endpoints or blocking specified domains.
• Human-Readable URL Path Definition: Easily define and match URL paths with support for regex matching.
• Host Remapping: Redirect rules to genuine upstream from fake hosts for SSL stripping and server-side license cracking.
• Mitmproxy Compatibility: Support for all mitmproxy operation modes.

Summary

Xepor is a versatile web routing framework tailored for reverse engineers and security researchers, offering a powerful API for intercepting and modifying HTTP traffic. With features like Flask-like coding, multiple URL route handling, request/response modifications, and support for various mitmproxy operation modes, Xepor provides a comprehensive solution for diverse use cases, from evil access points and traffic sniffing to license cracking and web crawling. Note: Xepor does not provide SSL stripping capabilities.