[TOOL] NoPE Proxy

[sk3l10x1ng]

NoPE Proxy serves as a Burp Suite Extension designed for proxying Non-HTTP Traffic.

Link: https://github.com/summitt/Nope-Proxy

[sk3l10x1ng]

@cpholguera please assign to me . will work on it

[cpholguera]

It's assigned to you now. We also have the corresponding weakness that is still to be completed. Would you like to work on that one at the same time?

https://mas.owasp.org/MASWE/MASVS-NETWORK/MASWE-0048/
#2688

Ideally we'd

1. Define the weakness MASWE-0048
2. Create the new technique (MASTG-TECH-XXXX)
3. Create one test (MASTG-TEST-02XX) referring to the new technique (MASTG-TECH-XXXX).
4. Create one demo (MASTG-DEMO-XXXX) for that test using this tool NoPE Proxy (MASTG-TOOL-XXX).

We have some minimal content that could be used to create the technique:
https://mas.owasp.org/MASTG/0x04f-Testing-Network-Communication/#intercepting-non-http-traffic

Our V1 tests for Android and iOS have a paragraph about this

Interception proxies like Burp and OWASP ZAP will show HTTP(S) traffic only. You can, however, use a Burp plugin such as Burp-non-HTTP-Extension or the tool mitm-relay to decode and visualize communication via XMPP and other protocols.