Noseyparker - 23 July

Alot of time today was spent investigating the nogotofail server daemon and if it has functionality for inspecting unencrypted versions of HTTPS content. I'm now fairly certain the tool doesn't provide this.

I started investigations on how I could add this feature. I wrote a test connection handler to experiment with events the tool provides during the TLS handshake process, as well as HTTPS requests and responses. The event model is comprehensive and most events fired when I expected.

I also looked for examples of simple Python based man-in-the-middle TLS proxies to better understand what is required. Pymiproxy looks like a good candidate -

Some recent features I've added look like goof additions to the master nogotofail repository. I built a new Debian test server on Google Compute Engine and configured the software - it's working well. Tomorrow I'll add and test these features in a fork of the repository. Hopefully pull requests will follow soon ... to be continued!