Open evilscheme opened 11 years ago
Hey,
this sounds like a useful thing to do for some tasks. Thank you for the suggestion, I'm going to implement this. I will do that properly as soon as I have switched out the client-side traffic store, so it might take some time (blocked by https://github.com/mhils/HoneyProxy/issues/46).
As a dirty workaround, you can open your browser JS console and type $("#traffictable tbody").empty()
.
Alternatively, replace gui/HoneyProxy/views/templates/Sidebar.ejs
with the content of this gist.
Thank you!
Awesome, thanks!
Just some context on why I want this: I've installed honeyproxy in AWS and plan to keep it running permanently and throwing random sandbox/honeypot traffic at it. Just to keep it from being a massive list of queries it would be nice to be able to reset the list in-between investigations.
Thank you for the context. Always love to hear what people are using it for. Depending on the stuff you're analyzing, you may be interested in the transparent mode. My personal setup is a VM with host-only networking and some iptables rules to redirect HTTP traffic transparently through HoneyProxy then.
FYI, the workaround posted above only hides the flows temporarily in your browser. So if you reload the page, they are obviously back. I will address this with the coming backend changes. Depending on the amount of traffic you are throwing in, you might also run into performance issues in your browser (>>1000 flows). I will address this with the backend changes as well.
I'm using a remote AWS instance for a couple of reasons: 1) it's a new IP address which is useful when dealing with TDS 2) I can collaborate on investigations with cow-orkers/friends
Since multiple people are sharing the same view, clearing the flows on the backend would be ideal.
Thanks!
I see. As a workaround for the backend, you can restart HoneyProxy dynamically. I don't have a machine to test it at currently, but this script should do the job for you: https://gist.github.com/mhils/5242278
Change line 8 for the auth secret and line 18 for the HoneyProxy parameters.
You should be able to restart HoneyProxy by calling host:8000/restart/secret
then.
Let me know if you have any further issues!
Is there a way to clear the traffic window? If not, that would be handy :)