jofpin
commented
5 years ago Hey! Enjoy the new version 2.0 stable, brings many features included and correcting bugs. https://github.com/jofpin/trape
Closed vepicurean closed 5 years ago
jofpin
commented
5 years ago Hey! Enjoy the new version 2.0 stable, brings many features included and correcting bugs. https://github.com/jofpin/trape
I don't think Trape is rendering the target url web pages properly. I've tried several public web pages and they just don't show properly. Others seem to have mentioned this fact before.
Observations that are either bugs or potential improvements.
Bugs:
For example purposes, using google.com as the target, the images on the page don't show properly. This behaviour makes it seem like it's not the original target page. It's not just google.com. Any target web page I tried does not show properly. I use firefox and chrome on Linux. Same behaviour on each browser.
When trying to close or leave the target page, a message in the browser comes up about "keeping changes" or staying on the page? Very strange behaviour.
Fixes:
Most targets would be tipped off to the strange looking url showing in the browser window as it's not the standard/normal site url. When I first saw Trape, I expected the url in the browser to show like the original page. It doesn't. There needs to be some url cloaking or aliasing built in to enable the visible url to appear more authentic.
The trape tool should integrate ngrok and serveo. Similar to how it's done with Shellfish or the previous WAN capable version of Blackeye
Hope this feedback helps improve the functionality of the product. Right now, it seems to be broken. Not really usable. It's got a lot of promise and is much needed for security testing and research.