• Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Menu
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Search
Close
  • Home
  • 2018
  • July
  • 12
  • Echo Mirage – Generic Network Proxy

Echo Mirage – Generic Network Proxy

July 12, 2018July 27, 2019 Comments Off on Echo Mirage – Generic Network Proxy
echo mirage echo mirage download echo mirage tool download echo mirage tutorial how to use echo mirage

a Freeware tool that hooks into an application’s process and enables us to monitor the network interactions.

This process can be done with a running process, or it can run the application on the user’s behalf. This type of security testing falls under Thick Client Application Security Testing.

Thick Clients Applications can be further divided into two parts:

  • Proxy-aware Thick Clients
  • Proxy-Unaware Thick Clients

Proxy-aware Thick Clients

If a Thick Client can set up a proxy server, then it is known as a Proxy-aware Thick Client. Examples of Proxy-aware Thick Clients are Microsoft Outlook, Google Talk, Yahoo Messenger, etc. Such applications typically require the user to install them on their systems, thus making them run completely on the user’s system and utilizing the system’s resources and making them reliant on the local systems security. Tools such as Burp Suite can be used to test such clients.

Proxy-Unaware Thick Clients

If a Thick Client does not have the ability to set up a proxy server, then it is known as a Proxy-Unaware Thick Client. Such clients are therefore difficult to test because of the problems faced while setting up a proxy. This is where Echo Mirage comes into play.

Echo Mirage allows us to see and edit the data being exchanged be it encrypted or unencrypted session. In the event wherein a user’s system has been compromised by an exploit/payload, Echo Mirage can be used to hook into the compromised process, and the communication between the attacker’s machine and the victim’s machine can be intercepted. This can give insight to what kind of information the attacker is looking for on the victim’s machine.

Few more features of Echo Mirage:

  • Traffic Log: Traffic log, as the name suggests, keeps a detailed history of the entire communication that took place. We can, at any given point of time, go back to the logs and re-check any data that we might’ve missed.

 

  • Rules: Echo Mirage has another feature called rules. This feature enables us to make custom rules that would intercept certain calls made by the application. Rules can be created to intercept only the inbound traffic or outbound traffic, or both made to a certain address on a particular port. Rules can also be made to define pre-defined actions and search for certain keywords based on muti-lined, case sensitivity, single-lined, extended or anchored. New rules can be made by clicking on the Green Plus Icon on the top. Echo Mirage also gives us the ability to export the user defined rules or import new rules.

 

In conclusion, Echo Mirage is an effective tool to test Proxy-Unware Thick Client Applications. Other tools such as Burp Suite can be configured to some extent to do the same job. However, they may not present the same results as Echo Mirage.

Download Echo Mirage

Post navigation

SharpShooter – Payload Generation Framework
Sherlock – Tool to find missing Windows patches for Local Privilege Escalation Vulnerabilities

Related Articles

Is your VPN Legit or Shit?

- VPN
May 4, 2019May 19, 2019

Most Secure VPN’s used by Hackers

- VPN
May 2, 2019August 14, 2019

8 Use cases of what you can do with a VPN

- VPN
May 1, 2019May 19, 2019
hacker gadgets
hacker phone covers

Recent Posts

maigret

maigret: OSINT username checker

February 27, 2021
confused: check for dependency confusion vulnerabilities

confused: check for dependency confusion vulnerabilities

February 27, 2021
CornerShot - Amplify Network Visibility From Multiple POV Of Other Hosts

CornerShot – Amplify Network Visibility From Multiple POV Of Other Hosts

February 26, 2021
A picture of Police seized 52,000 pills during execution of a search warrant

Four Arrested in Germany for Selling Drugs on the Darkweb

February 26, 2021
SaltStack Multiple High-Risk Vulnerabilities Alert

SaltStack Multiple High-Risk Vulnerabilities Alert

February 26, 2021
OpenWifiPass - An Open Source Implementation Of Apple's Wi-Fi Password Sharing Protocol In Python

OpenWifiPass – An Open Source Implementation Of Apple’s Wi-Fi Password Sharing Protocol In Python

February 26, 2021

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs
ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Menu
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Live Chat
RESOURCES
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Menu
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Get Started
TOOLBOX
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Menu
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook
Twitter
Google-plus
Wordpress
Please wait...

Join Our Community

Subscribe now and get your free HACKERS HANDBOOK

Don't Worry ! You will not be spammed
SIGN UP FOR NEWSLETTER NOW