friTap


| Field | Value |
|-------|-------|
| Name | friTap |
| Version | 1.1.0.1 |
| home_page | https://github.com/fkie-cad/friTap |
| Summary | Decrypts and logs a process's SSL/TLS traffic on all major platforms. |
| upload_time | 2024-03-05 18:12:26 |
| docs_url | None |
| requires_python | >=3.6 |
| license | GPL v3 |
| keywords | mobile instrumentation frida hook ssl decryption |
| requirements | No requirements were recorded. |
| Travis-CI | No Travis. |
| coveralls test coverage | No coveralls. |

            <p align="center">
    <img src="https://raw.githubusercontent.com/fkie-cad/friTap/main/assets/logo.png" alt="friTap logo" width="50%" height="50%"/>
</p>

# friTap
![version](https://img.shields.io/badge/version-1.1.0.1-blue) [![PyPi](https://badge.fury.io/py/friTap.svg)](https://pypi.org/project/friTap)

The goal of this project is to help researchers analyze traffic encapsulated in SSL or TLS. For details, see the [OSDFCon webinar slides](assets/friTapOSDFConwebinar.pdf) or [this blog post](https://lolcads.github.io/posts/2022/08/fritap/).


This project was inspired by [SSL_Logger](https://github.com/google/ssl_logger) and currently supports all major operating systems (Linux, Windows, Android). More platforms and libraries will be added in future releases.

## Installation


Installation is simply a matter of `pip3 install fritap`. This will give you the `friTap` command. You can update an existing `friTap` installation with `pip3 install --upgrade friTap`.

Alternatively, clone the repository and run the `friTap.py` file, or download the standalone version of friTap from the release page.
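Because friTap is usually run with `sudo`, it is worth pinning the install to the release digests listed in this page's PyPI metadata. The following is an added example, not part of the friTap project: it builds a hash-pinned requirements entry and checks a downloaded file against a metadata record. The function names and the sample bytes in the test are constructed for illustration.

```python
import hashlib
import hmac

# Release files for friTap 1.1.0.1, copied from the PyPI metadata on this page.
RELEASE_FILES = [
    {"filename": "friTap-1.1.0.1-py3-none-any.whl", "size": 5342958,
     "sha256": "38728f04d4f2b6be4e76cd35b4e16cbfa09c5100e444b34f094e4c66c0db6d85"},
    {"filename": "friTap-1.1.0.1.tar.gz", "size": 5328773,
     "sha256": "37b2284c8c9e5a203492f56ffb85934587dbe177f336a82c8cacb2612d94f164"},
]


def pinned_requirement(name, version, files):
    """Build a requirements.txt entry for pip's hash-checking mode."""
    lines = [f"{name}=={version}"]
    for record in files:
        digest = record["sha256"].lower()
        # Refuse anything that is not a 64-character hex SHA-256 digest.
        if len(digest) != 64 or any(c not in "0123456789abcdef" for c in digest):
            raise ValueError(f"malformed sha256 for {record['filename']}")
        lines.append(f"    --hash=sha256:{digest}")
    # pip accepts backslash line continuations inside requirements files.
    return " \\\n".join(lines)


def verify_artifact(data, record):
    """Compare downloaded bytes with the size and sha256 of a metadata record."""
    if len(data) != record["size"]:
        return False, "size mismatch"
    actual = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(actual, record["sha256"].lower()):
        return False, "sha256 mismatch"
    return True, "ok"


if __name__ == "__main__":
    # Write this output to requirements.txt and install with `pip3 install -r`.
    print(pinned_requirement("friTap", "1.1.0.1", RELEASE_FILES))
```

Once a requirements file contains `--hash` options, pip requires a pinned hash for every package it installs, so friTap's dependencies need their own hashed entries or the install has to be run with `--no-deps`.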


## Usage

On Linux/Windows/MacOS we can easily attach to a process by entering its name or its PID:

```bash
$ sudo ./friTap.py --pcap mycapture.pcap thunderbird
```

For mobile applications we just have to add the `-m` parameter to indicate that we are now attaching (or spawning) an Android or iOS app:

```bash
$ ./friTap.py -m --pcap mycapture.pcap com.example.app
```

Also ensure that frida-server is running on the Android/iOS device.


Remember that with the pip installation you have to invoke the `friTap` command slightly differently when using sudo. Either as a module:
```bash
$ sudo -E python3 -m friTap.friTap --pcap mycapture.pcap thunderbird
```
or directly invoking the script:
```bash
$ which friTap
/home/daniel/.local/bin/friTap

$ sudo -E /home/daniel/.local/bin/friTap
```



More examples of using friTap can be found in [USAGE.md](./USAGE.md). A detailed introduction to using friTap on Android is in [EXAMPLE.md](./EXAMPLE.md).

## Supported SSL/TLS implementations and corresponding logging capabilities

```markdown
| Library                   | Linux         | Windows       | MacOSX   | Android  | iOS          |
|---------------------------|---------------|---------------|----------|----------|--------------|
| OpenSSL                   |     Full      | R/W-Hook only |  TBI     |   Full   | TBI          |
| BoringSSL                 |     Full      | R/W-Hook only |  KeyEo   |   Full   | KeyEo        |
| NSS                       |     Full      | R/W-Hook only |  TBI     |   TBA    | TBI          |
| GnuTLS                    | R/W-Hook only | R/W-Hook only |  TBI     |   Full   | TBI          |
| WolfSSL                   | R/W-Hook only | R/W-Hook only |  TBI     |   Full   | TBI          |
| MbedTLS                   | R/W-Hook only | R/W-Hook only |  TBI     |   Full   | TBI          |
| Bouncycastle/Spongycastle |     TBA       |    TBA        |  TBA     |   Full   | TBA          |
| Conscrypt                 |     TBA       |    TBA        |  TBA     |   Full   | TBA          |
```
**R/W-Hook only** = Logging data sent and received by process<br>
**KeyEo** = Only the keying material can be extracted<br>
**Full** = Logging data sent and received by process + Logging keys used for secure connection<br>
**TBA** = To be answered<br>
**TBI** = To be implemented<br>
**LibNO** = This library is not supported for this platform<br>

**We verified the Windows implementations only for Windows 10**

## Dependencies

- [frida](https://frida.re)
- `>= python3.7`
- click (`python3 -m pip install click`)
- hexdump (`python3 -m pip install hexdump`)
- scapy (`python3 -m pip install scapy`)
- watchdog (`python3 -m pip install watchdog`)
- importlib.resources  (`python3 -m pip install importlib-resources`)

## Planned features

- [ ] add the capability to alter the decrypted payload
  - integration with https://github.com/mitmproxy/mitmproxy
  - integration with http://portswigger.net/burp/
- [ ] add wine support
- [ ] add Flutter support
- [ ] add further libraries (have a look at this [Wikipedia entry](https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations)):
  - Botan (BSD license, Jack Lloyd)
  - LibreSSL (OpenBSD)
  - Cryptlib (Peter Gutmann)
  - S2n (Amazon)
  - JSSE (Java Secure Socket Extension, Oracle)
  - [MatrixSSL](https://github.com/matrixssl/matrixssl) 
  - ...
- [ ] Working with statically linked libraries
- [ ] Add feature to prototype TLS-Read/Write/SSLKEY functions
- [ ] improve iOS/MacOS support (currently under development)
- [x] <strike>provide friTap as PyPI package</strike>

## Contribute

Contributions are always welcome. Just fork it and open a pull request!
More details can be found in the [CONTRIBUTION.md](./CONTRIBUTION.md).
___

## Changelog

See the wiki for [release notes](https://github.com/fkie-cad/friTap/wiki#news).

## Support

If you have any suggestions or bug reports, please create an issue in the Issue Tracker.

In case you have any questions or other problems, feel free to send an email to:

[daniel.baier@fkie.fraunhofer.de](mailto:daniel.baier@fkie.fraunhofer.de).

            

Raw data

{
    "_id": null,
    "home_page": "https://github.com/fkie-cad/friTap",
    "name": "friTap",
    "maintainer": "",
    "docs_url": null,
    "requires_python": ">=3.6",
    "maintainer_email": "",
    "keywords": "mobile,instrumentation,frida,hook,SSL decryption",
    "author": "",
    "author_email": "daniel.baier@fkie.fraunhofer.de",
    "download_url": "https://files.pythonhosted.org/packages/de/04/52f13ff44635d880815f5adff6ea83a7f4553d3ed8d7484b33c8c0a9b28e/friTap-1.1.0.1.tar.gz",
    "platform": null,
    "bugtrack_url": null,
    "license": "GPL v3",
    "summary": "Decrypts and logs a process's SSL/TLS traffic on all major platforms.",
    "version": "1.1.0.1",
    "project_urls": {
        "Homepage": "https://github.com/fkie-cad/friTap"
    },
    "split_keywords": [
        "mobile",
        "instrumentation",
        "frida",
        "hook",
        "ssl decryption"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "e7962b49120192ecef9cb2baa17d78709c7325ede8aab3b1edc149e9de013682",
                "md5": "31cd195fec55d71a1e82aa82248477d6",
                "sha256": "38728f04d4f2b6be4e76cd35b4e16cbfa09c5100e444b34f094e4c66c0db6d85"
            },
            "downloads": -1,
            "filename": "friTap-1.1.0.1-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "31cd195fec55d71a1e82aa82248477d6",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.6",
            "size": 5342958,
            "upload_time": "2024-03-05T18:12:19",
            "upload_time_iso_8601": "2024-03-05T18:12:19.907293Z",
            "url": "https://files.pythonhosted.org/packages/e7/96/2b49120192ecef9cb2baa17d78709c7325ede8aab3b1edc149e9de013682/friTap-1.1.0.1-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "de0452f13ff44635d880815f5adff6ea83a7f4553d3ed8d7484b33c8c0a9b28e",
                "md5": "dc0406be7b616a38e6575cd73594fe68",
                "sha256": "37b2284c8c9e5a203492f56ffb85934587dbe177f336a82c8cacb2612d94f164"
            },
            "downloads": -1,
            "filename": "friTap-1.1.0.1.tar.gz",
            "has_sig": false,
            "md5_digest": "dc0406be7b616a38e6575cd73594fe68",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.6",
            "size": 5328773,
            "upload_time": "2024-03-05T18:12:26",
            "upload_time_iso_8601": "2024-03-05T18:12:26.966202Z",
            "url": "https://files.pythonhosted.org/packages/de/04/52f13ff44635d880815f5adff6ea83a7f4553d3ed8d7484b33c8c0a9b28e/friTap-1.1.0.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-03-05 18:12:26",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "fkie-cad",
    "github_project": "friTap",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "requirements": [],
    "lcname": "fritap"
}
        