CLay – Enhancing Web Security hrough Deceptive Reverse Proxies

CLay offers a unique and powerful feature that goes beyond traditional security measures.

CLay takes deception to a new level by mimicking the appearance of a website with information from a different framework.

The primary objective is to mislead and deceive potential attackers, leading them to gather false information about the web application.

Features

• Request filtering by User Agent
• HTML Comment Filtering
• Informative Response Header Filtering
• Adding Dummy HTML Comments
• Adding Decoy Informative Response Headers
• Adding Decoy Cookies
• Error Template Changing

Supported Decoy Frameworks

• PHP
• Laravel
• Microsoft ASP.NET
• Flask
• Django

Supported Decoy Webservers

• Nginx
• Apache HTTP Server

Requirements

• Python 3.11+
• mitmproxy is a set of tools that provide an interactive, SSL/TLS-capable intercepting proxy for HTTP/1, HTTP/2, and WebSockets. CLay utilizes mitmproxy‘s capabilities to intercept and modify HTTP/HTTPS traffics on the fly.
• Jinja is a fast, expressive, extensible templating engine.

Quick Start

1. Fetch and start CLay package installation.

git clone https://github.com/kisanakkkkk/CLay.git
cd CLay
pip3 install .

2. Generate new configuration file. On the menu prompt, choose [1] Run CLay (default config), then enter the target URL for which you’d like to set up the CLay.

CLay -g

For more information click here.