Concealment Layer: Reverse Proxy for Concealing and Deceiving Website Information

by ddos · June 3, 2024

Concealment Layer – Reverse Proxy for Concealing and Deceiving Website Information

CLay offers a unique and powerful feature that goes beyond traditional security measures. CLay takes deception to a new level by mimicking the appearance of a website with information from a different framework. The primary objective is to mislead and deceive potential attackers, leading them to gather false information about the web application.

Features

Request filtering by User Agent
HTML Comment Filtering
Informative Response Header Filtering
Adding Dummy HTML Comments
Adding Decoy Informative Response Headers
Adding Decoy Cookies
Error Template Changing

Supported Decoy Frameworks

PHP
Laravel
Microsoft ASP.NET
Flask
Django

Supported Decoy Webservers

Nginx
Apache HTTP Server

Requirements

Python 3.11+
mitmproxy is a set of tools that provide an interactive, SSL/TLS-capable intercepting proxy for HTTP/1, HTTP/2, and WebSockets. CLay utilizes mitmproxy‘s capabilities to intercept and modify HTTP/HTTPS traffic on the fly.
Jinja is a fast, expressive, extensible templating engine.

Quick Start

Fetch and start CLay package installation.
git clone https://github.com/kisanakkkkk/CLay.git
cd CLay
pip3 install .
Generate new configuration file. On the menu prompt, choose [1] Run CLay (default config), then enter the target URL for which you’d like to set up the CLay.
CLay -g
Start CLay.
CLay -c config.json
Go to http://0.0.0.0:5000/.
(Optional) Build CLay as systemd linux service. This allows CLay to run in the background and be restarted automatically if it exits unexpectedly.
chmod +x initservice.sh
sudo ./initservice.sh config.json
sudo systemctl status CLay