Chameleon
Chameleon: A tool for evading Proxy categorisation
Install / Use
/learn @mdsecactivebreach/ChameleonREADME
_.....---..._
_..-'-. _.--' '--.._
_.-' ( 0) Y'' ''-.._
(---.._, '-._
`---.,___.-\ \----......./ /..------...____ '-.
_/ / _/ / __\ \ __\ \ `-. \
(((-' (((-' (((---' (((---` ) /
.-'.-'
Chameleon: @domchell, MDSec ActiveBreach (__`-,
``
Description
Chameleon is a tool which assists red teams in categorising their infrastructure under arbitrary categories. Currently, the tool supports arbitrary categorisation for Bluecoat, McAfee Trustedsource and IBM X-Force. However, the tool is designed in such a way that additional proxies can be added with ease.
Usage
usage: chameleon.py [-h] [--proxy <proxy>] [--check] [--submit]
[--domain <domain>]
optional arguments:
-h, --help show this help message and exit
--proxy <proxy> Proxy type: a = all, b = bluecoat, m = mcafee, i = IBM
Xforce
--check Perform check on current category
--submit Submit new category
--domain <domain> Domain to validate
Example 1: Checking the category of your website against all supported proxies:
$ python chameleon.py --proxy a --check --domain google.com
_.....---..._
_..-'-. _.--' '--.._
_.-' ( 0) Y'' ''-.._
(---.._, '-._
`---.,___.-\ \----......./ /..------...____ '-.
_/ / _/ / __\ \ __\ \ `-. \
(((-' (((-' (((---' (((---` ) /
.-'.-'
Chameleon: @domchell, MDSec ActiveBreach (__`-,
``
[-] Targeting Bluecoat WebPulse
[-] Checking category for google.com
[-] Your site is categorised as: Search Engines/Portals
[-] Targeting McAfee Trustedsource
[-] Getting anti-automation tokens
[-] Checking category for google.com
[-] Found category: - Search Engines
[-] Targeting IBM Xforce
[-] IBM xForce Check: google.com
[-] Domain categorised as Search Engines / Web Catalogues / Portals
Example 2: Submitting your domain for the financial category for McAfee proxy only:
$ python chameleon.py --proxy m --submit --domain foobar.com
_.....---..._
_..-'-. _.--' '--.._
_.-' ( 0) Y'' ''-.._
(---.._, '-._
`---.,___.-\ \----......./ /..------...____ '-.
_/ / _/ / __\ \ __\ \ `-. \
(((-' (((-' (((---' (((---` ) /
.-'.-'
Chameleon: @domchell, MDSec ActiveBreach (__`-,
``
[-] Targeting McAfee Trustedsource
[-] Getting anti-automation tokens
[-] Checking category for foobar.com
[-] Found category: - Personal Pages
[-] Submitting URL for finance category
[-] URL submitted, please wait up to 6 hours for categorisation
Caution: when attempting to categorise a site in Bluecoat, do not check the category first otherwise it will end up uncategorised! Individual hosts can however be categorised differently.
Credits
Chameleon was developed by Dominic Chell of the MDSec ActiveBreach team.
Categorisation checks for Bluecoat and IBM X-Force were reused based on code originally developed in DomainHunter and CatMyFish.
Related Skills
node-connect
345.9kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
106.4kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
345.9kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
qqbot-media
345.9kQQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。
