Transparent proxy from OWASP
ZAP seems like a very good tool for pen testing, but also for debugging HTTP requests between microservices.
The best thing is that it can be run with docker.
An example of setting it up as a transparent proxy with iptables is described here .
The key being to forward request port to ZAP, and it will automatically capture them.
Example:
iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination 192.168.0.4:8443 iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 192.168.0.4:8080
Please leave a Comment