WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropriately respond to client-issued requests.

Related tags

Third-party APIs Wrappersdocker-composeslack-webhookout-of-banddiscord-webhookhttp-interactiondns-interaction
Overview

WILSON Cloud Respwnder

Twitter Follow

What is this?

WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications (WILSON) with the ability to serve custom content in order to appropriately respond to the client issuing the request. It is probably most useful to security testers and bug bounty hunters.

When exploiting bugs that interact with an external server (e.g. SSRF or some XSS), it is sometimes useful to serve custom content on specific paths on the remote server. With WILSON Cloud Respwnder you can setup a fully functional PHP web server with transparent logging of all incoming DNS and HTTP requests to a Slack or Discord channel.

Features

  • Monitor DNS and HTTP requests in real-time without time window constraints. Continue receiving notifications for weeks or months on end to find more bugs;
  • Send notifications to Slack and/or Discord webhooks;
  • View the complete HTTP requests in your logs, including POST bodies;
  • By default resolves every subdomain.yourdomain.com to the same web server, allowing you to choose meaningful names that are easy to work with;
  • Filter out specific domains from cluttering your notifications by adding them to /data/blacklist.txt;
  • Modify and serve your own content on the PHP web server by writing files to /www;
  • A full NGINX server is at your disposal for advanced configuration options;
  • A full bind9 DNS server allows you to host arbitrary DNS records for advanced test cases;

Installation

WILSON Cloud Respwnder requires you to have a registered domain yourdomain.com with its nameserver(s) pointing to the server where you're installing this.

  1. Clone this repository: git clone https://github.com/honoki/wilson-cloud-respwnder;
  2. Run ./setup.sh yourdomain.com to generate the required config files;
  3. Follow the steps to generate your LetsEncrypt certificate;
  4. Edit settings.env to include your Slack and/or Discord webhooks;
  5. Run sudo docker-compose up -d
  6. Test if things are working by browsing to https://random-subdomain.yourdomain.com/randompage

Limitations

  • No support for protocols other than HTTP and DNS;
  • Due to limitations of Slack and Discord notifications, HTTP requests are truncated if the request body is larger than ~2KB or ~3KB respectively. Full HTTP messages can be viewed in /logs/mitm/http.log when that happens;
  • Nested subdomains (e.g. test.sub.yourdomain.com) will resolve to your server, but will not automatically have a valid certificate due to limitations of LetsEncrypt. This means HTTP requests will work as expected, but HTTPS requests will likely fail.

Acknowledgments

Thanks to @michenriksen for suggesting the name Wilson, referencing the Wilson cloud chamber used to visualize the passage of ionizing radiation.

Owner
GitHub Repository
Web3 Ethereum DeFi toolkit for smart contracts, Uniswap and PancakeSwap trades, Ethereum JSON-RPC utilities, wallets and automated test suites.

Web3 Ethereum Defi This project contains common Ethereum smart contracts and utilities, for trading, wallets,automated test suites and backend integra

Trading Strategy 222 Jan 04, 2023
Moon-TikTok-Checker - A TikTok Username checking tool that probably 3/4 people use to get rare usernames

Moon Checker (educational Purposes Only) What Is Moon Checker? This is a TikTok

glide 4 Nov 30, 2022
A discord bot can stress ip addresses with python tool

Python-ddos-bot Coded by Lamp#1442 A discord bot can stress ip addresses with python tool. Warning! DOS or DDOS is illegal, i shared for educational p

IrgyGANS 1 Nov 16, 2021
Data Platform com AWS CDK

Welcome to your CDK Python project! This is a blank project for Python development with CDK. The cdk.json file tells the CDK Toolkit how to execute yo

Andre Sionek 8 Jul 02, 2022
Discord-RAID-Tool - Hacks/tools

How to use Python must be installed run install-config If you dont have python installed, download python 3.7.6 and make sure you click on the 'ADD TO

1 Jan 01, 2022
This Mirror Bot is a multipurpose Telegram Bot writen in Python for mirroring files on the Internet to our beloved Google Drive.

MIRROR HUNTER This Mirror Bot is a multipurpose Telegram Bot writen in Python for mirroring files on the Internet to our beloved Google Drive. Repo la

anime republic 130 May 28, 2022
The WhatsApp lib

yowsup WARNING It seems that recently yowsup gets detected during registration resulting in an instant ban for your number right after registering wit

Tarek 6.8k Jan 04, 2023
Basic Discord python bot

#How to Create a Discord Bot Account In order to work with the Python library and the Discord API, we must first create a Discord Bot account. Here ar

Tustus 1 Oct 13, 2021
Notflix - Notion / Netflix and IMDb to organise your movie dates. Happy Valentine <3 from 0x1za

Welcome to notflix ๐Ÿ‘‹ This is a project to help organise shows to watch with my

Mwiza Ed' Simbeye 3 Feb 15, 2022
:globe_with_meridians: A Python wrapper for the Geocodio geolocation service API

Py-Geocodio Python wrapper for Geocodio geocoding API. Full documentation on Read the Docs. If you are upgrading from a version prior to 0.2.0 please

Ben Lopatin 84 Aug 02, 2022
Tiktok-bot - A Simple Tiktok bot With Python

Install the requirements pip install selenium pip install pyfiglet==0.7.5 How ca

Muchlis Faroqi 5 Aug 23, 2022
A simple script that will watch a stream for you and earn the channel points.

Credits Main idea: https://github.com/gottagofaster236/Twitch-Channel-Points-Miner Bet system (Selenium): https://github.com/ClementRoyer/TwitchAutoCo

Alessandro Maggio 1.1k Jan 08, 2023
The Best Telegram UserBot Made With Pyrogram [Python]

Asterix UserBot A Powerful Telegram userbot based on Pyrogram. How To Deploy Asterix Heroku Railway Qovery Termux Tutorial Railway Deploy Comming Soon

TeamAsterix 9 Oct 17, 2022
python library to the bitly api

bitly API python library Installation pip install bitly_api Run tests Your username is the lowercase name shown when you login to bitly, your access

Bitly 245 Aug 14, 2022
Discord-Wrapper - Discord Websocket Wrapper in python

This does not currently work and is in development Discord Websocket Wrapper in

3 Oct 25, 2022
McTrade is a bot exploiting Binance API, open source! built in python !

Open Source Crypto Trading Bot using Binance API Report Bug ยท Request Feature Table of Contents About The Project Built With Getting Started Prerequis

Raphael Cohen 5 Jul 17, 2022
A Video Streaming Telegram Bot written in Python with Pyrogram and PyTgcalls

Video Stream Bot A Video Streaming Telegram Bot written in Python using Pyrogram and PyTgcalls Requirements Python 3.9 Telegram API Telegram Bot Token

Aarav Arora 61 Dec 10, 2022
Python wrapper library for World Weather Online API

pywwo Python wrapper library for World Weather Online API using lxml.objectify How to use from pywwo import * setKey('your_key', 'free') w=LocalWeat

World Weather Online 20 Dec 19, 2022
A telegram bot to track whales activities on multiple blockchains.

Telegram Bot : Whale Watcher A straightforward telegram bot written in python to track whales activity on multiple blockchains, using whale-alert API

Laurenz Bougan 1 Dec 10, 2021
Ever wanted a dashboard for making your antispam? This is it.

Ever wanted a dashboard for making your antispam? This is it.

Skelmis 1 Oct 27, 2021