CLay – Enhancing Web Security hrough Deceptive Reverse Proxies

CLay offers a unique and powerful feature that goes beyond traditional security measures.

CLay takes deception to a new level by mimicking the appearance of a website with information from a different framework.

The primary objective is to mislead and deceive potential attackers, leading them to gather false information about the web application.

Features

Request filtering by User Agent
HTML Comment Filtering
Informative Response Header Filtering
Adding Dummy HTML Comments
Adding Decoy Informative Response Headers
Adding Decoy Cookies
Error Template Changing

Supported Decoy Frameworks

PHP
Laravel
Microsoft ASP.NET
Flask
Django

Supported Decoy Webservers

Nginx
Apache HTTP Server

Requirements

Python 3.11+
mitmproxy is a set of tools that provide an interactive, SSL/TLS-capable intercepting proxy for HTTP/1, HTTP/2, and WebSockets. CLay utilizes mitmproxy‘s capabilities to intercept and modify HTTP/HTTPS traffics on the fly.
Jinja is a fast, expressive, extensible templating engine.

Quick Start

Fetch and start CLay package installation.

git clone https://github.com/kisanakkkkk/CLay.git
cd CLay
pip3 install .

2. Generate new configuration file. On the menu prompt, choose [1] Run CLay (default config), then enter the target URL for which you’d like to set up the CLay.

CLay -g

For more information click here.

Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.