Project Slot 15 - Improving HoneyProxy

Student: Maximillian Hils (DE)
Primary mentor: Guillaume Arcas (FR)
Backup mentor: Sébastien Larinier (FR)

Google Melange: https://www.google-melange.com/gsoc/proposal/review/google/gsoc2013/mhils/16001

Project Overview:
HoneyProxy started as a GSoC project last year. Based on the great feedback, the project's goal for this year is to enhance HoneyProxy with new analysis options and enhanced filtering capability. HoneyProxy will become part of mitmproxy during that process, giving us a big audience for our work.

Project Plan:
1) New traffic table with better filtering & highlighting.
This is one of the bigger tasks I already started to work on. The plan is to move the JavaScript backend away from Backbone.js to a Dojo Store. This allows us to employ dgrid as the grid system for the traffic table. Using dgrid, we can accomplish multiple goals at once:

  • lazy-loading lists - this makes HoneyProxy load large data sets very fast
  • Improved filtering and highlighting
  • Custom columns

2) Integration of DNSChef
For our network forensic gurus, we want to integrate DNSChef as a HoneyProxy Plugin that logs DNS requests in the interface.

3) Merging HoneyProxy with mitmproxy
When we started developing HoneyProxy last year, we picked mitmproxy/libmproxy as a solid basis to work on. This turned out to be an excellent choice, I had the pleasure to collaborate closely with Aldo Cortesi, mitmproxys main developer over the last year. Given the already strong bonding and great collaboration between the two projects, we decided to join our forces and merge HoneyProxy into mitmproxy. Both Aldo and I believe that this will push both projects significantly further.

mitmproxy is one of the both most advanced and widespread SSL proxies on the market. I think we added some really cool features with HoneyProxy, so I am super excited to bring them to this large audience (over 1.500 stars and 120 forks on GitHub). Merging both codebases should avoid duplicate efforts in multiple areas as well. My plan is to keep the HoneyProxy "brand name" for HoneyProxy Client and rename HoneyProxy itself to show a closer association with mitmproxy.

4) Adding support for reactive two-way databinding in the GUI
A reactive templating engine on the client side should be developed as a powerful base to build on. This milestone mainly consists of internal JavaScript refactorings and improvements.

5) Improving HoneyProxy-Client
HoneyProxy-Client received great attention from the security community. While I started it as a simple use case demonstration for HoneyProxy, I'm happy that people like it and I'd love to add searching functionality to it. This however requires changes to the mitmproxy/HoneyProxy file dump format. As this milestone depends on work of others (Aldo), I can't make a full commitment that we will finish it this summer.

Project Source Code Repositories:
GitHub: mhils/HoneyProxy (will get part of mitmproxy)
GitHub: mitmproxy/mitmproxy
GitHub: mitmproxy/netlib

Student Weekly Blog: http://gsoc2013.honeynet.org/category/project-15-improving-honeyproxy/

Project Useful Links:
HoneyProxy/mitmproxy merge overview