InterceptSuite: Open-source network traffic interception tool
InterceptSuite is an open-source, cross-platform network traffic interception tool designed for TLS/SSL inspection, analysis, and manipulation at the network level.
“InterceptSuite is designed primarily for non-HTTP protocols, although it does support HTTP/1 and HTTP/2. It offers support for databases, SMTP, and custom protocols, and can manage unknown protocols and their TLS connections. Developed in C, it ensures efficient memory management and performance, utilising native SOCKS5 proxy support on Linux, Mac, and Windows, with OpenSSL for TLS,” Sourav Kalal, the creator of the tool, told Help Net Security.
The tool features a cross-platform C# GUI and supports Python extensions for protocol dissection. Notably, it allows TLS upgrades, such as STARTTLS and custom upgrades, enabling interception of plaintext protocols that transition to TLS. capabilities not found in any proxy solutions. Additionally, it supports specific IoT protocols like MQTT.
“As a compiled binary from C and C#, it requires signing, especially on macOS. Some features, like STARTTLS and PCAP support, are not included in the open-source version to cover signing certificate costs, affecting only a limited number of users,” Kalal explained.
Future plans and download
Kalal said the current focus is on the UDP protocol, following recent updates that added new features and broader support for TCP and TLS. As of version 1.1.1, InterceptSuite supports only plaintext UDP, but the roadmap includes adding support for UDP-based protocols such as DTLS, WebRTC, and CoAP.
Because UDP does not work with proxies, Kalal also plans to release VPN server support in the coming months. This will allow traffic to be redirected to InterceptSuite through the VPN, enabling support for both TCP and UDP, while also extending interception capabilities to proxy-unaware applications as well as Android and iOS devices.
InterceptSuite is available for free on GitHub.
Must read:
- 35 open-source security tools to power your red team, SOC, and cloud security
- GitHub CISO on security strategy and collaborating with the open-source community
Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools. Subscribe here!