- Simple to-do app (.net-core, mysql, EF)
- Java Quotations app (java, mysql, mqtt)
- Python Quotations app (python, mysql, amqp-091)
- Golang Chat app (golang, postgres, redis)
- Intercept Phone with Wireguard
These are simple environments to test The Protocol Master application. We will mock without a line of code the database and a rest api of a simple TODO web application.
- The documentation for the protocol master is here
- A Docker environment
- The Docker environment address (let's use DOCKER_SERVER for now)
- To play with the applications as stand-alone you can replace all 192.168.131.20 addresses (my docker server) with your docker server address
- All needed docker images loaded (if you wanna pre-setup everything)
docker image pull mysql:8.0.40 docker image pull mcr.microsoft.com/dotnet/aspnet:8.0 docker image pull amazoncorretto:17.0.7-alpine docker image pull docker.io/library/node:18-alpine docker image pull docker.io/library/node:lts-alpine docker image pull eclipse-mosquitto:2.0.20 docker image pull adoptopenjdk/openjdk11:jdk-11.0.11_9-alpine-slim docker image pull postgres:9.6.18 docker image pull golang:1.18-bullseye docker image pull python:3.9.13
The project net-core
can be run automatically with selenium and testcontainers starting the tests inside the e2etest
project. If no env variable is set, the Chrome browser will run till the end of the test. Two environment variables can
be used
- RUN_VISIBLE: Show the browser
- HUMAN_DRIVEN: Show the browser AND show blocking messages in the various phases
All .NET applications run out of the box only on Intel architecture, that means
- Platform: linux/amd64
- Target Architecture: amd64
For Apple M processors should work the following, change the HttpServer and RestServer dockerfile according to your needs (see on Microsoft for further info on the subject)
- Platform: linux/arm64
- Target Architecture: arm64
(Thanks patrick-baker for the UI!)
If you have Intellij or know what are *.http files you can configure this setting the
myhost
variable to DOCKER_SERVER
- Clone the repo
https://github.com/kendarorg/the-protocol-master-samples.git
- Configure your browser to use DOCKER_SERVER:29000 as HTTP/S Proxy
- Navigate to the "net-core" directory
- Run
docker-compose up
to generate the environment - Several containers will be created
- net-core-tpm: The Protocol Master server
- net-core-mysql: The mysql database
- net-core-http: The web-ui
- net-core-rest: The rest back-end
- Download the DER SSL certificate (root certificate) from the tpm host ui and install it as a trusted root certificate
You can check now the application navigating (in the proxied browser) to anything you want, and you will se the calls flowing on the console.
You can even try the application on http://net-core-http/index.html but for the sake of simplicity please delete all tasks before continuing the tutorial
- Start all the recording-plugins on the UI
- Navigate to http://net-core-http/index.html
- Insert a new task and click Submit
- Task Name: Laundry
- Priority: High
- Notes: Separate Colors
- Set the status to Completed
- Click Update
- Click Archive
- Go on Archive tab (upper right) and notice the task
- Stop all the recording-plugins on the UI
- You can download all the on the ui as a zip file
- Stop the
db_mysql
container - Start on MySQL the replay-plugin
- Refresh the page http://net-core-http/index.html
- Redo exactly all the actions
- And everything will work!!!! But with a fake DB
- Stop on MySQL the replay-plugin
- Stop the
net-core-rest
container - Start on Http the replay-plugin
- Refresh the page http://net-core-http/index.html
- Redo exactly all the actions
- And everything will work!!!! But with a fake Rest API!!
- Stop on Http the replay-plugin
If you have Intellij or know what are *.http files you can configure this setting the
myhost
variable to DOCKER_SERVER
You can check the quotations going to http:\\java-rest\index.html
- Clone the repo
https://github.com/kendarorg/the-protocol-master-samples.git
- Configure your browser to use DOCKER_SERVER:29000 as HTTP/S Proxy
- Navigate to the "java" directory
- Run
docker-compose up
to generate the environment - Several containers will be created
- java-tpm: The Protocol Master server
- java-mysql: The mysql database
- java-mosquitto: The mqtt broker
- java-rest: The application reading mqtt messages (and showing on APIs)
- java-quote-generator: The quote generation (every 10 seconds random stock quotes)
- Download the DER SSL certificate (root certificate) from the tpm host ui and install it as a trusted root certificate
- Connect your mysql ui to
DOCKER_HOST:23306
and use the databasedb
Now your environment is ready for a real test!
- Start on Mqtt the record-plugin
- Delete all records on
db.quotations
table - Wait for some data on
quotations
table (at least 10 seconds, this is the "run-time") - Stop on Mqtt the record-plugin
- You can download all the on the ui as a zip file
- Stop the
java-quote-generation
container - Stop the
java-rest
container - Delete all data on
quotations
table - Refresh all the open pages for
java-rest
- Start on Mqtt the replay-plugin
- Check the new data on
quotations
table or look on the chart the values updating - Mqtt simulation... done!
- Start on Mqtt the replay-plugin
- Activate the Mqtt publish-plugin
- Restart Mosquitto
- Open the publish plugin "Publish Section"
- Set the
content-type
toJSON
- Topic to
quotations
- Message body to the following with the
UNIXTIMESTAMP
being current time in milliseconds
{ "symbol" : "META","date" : 1744030940999,"price" : 1000.00, "volume" : 1000 }
- Look on your message on the graph! Here it is your fake message
If you have Intellij or know what are *.http files you can configure this setting the
myhost
variable to DOCKER_SERVER
You can check the quotations going to http:\\py-rest\index.html
- Clone the repo
https://github.com/kendarorg/the-protocol-master-samples.git
- Configure your browser to use DOCKER_SERVER:29000 as HTTP/S Proxy
- Navigate to the "python" directory
- Run
docker-compose up
to generate the environment - Several containers will be created
- py-tpm: The Protocol Master server
- py-mysql: The mysql database
- py-rabbit: The amqp broker
- py-rest: The application reading mqtt messages (and showing on APIs)
- py-quote-generator: The quote generation (every 10 seconds random stock quotes)
- Download the DER SSL certificate (root certificate) from the tpm host ui and install it as a trusted root certificate
- Connect your mysql ui to
DOCKER_HOST:23306
and use the databasedb
Now your environment is ready for a real test!
- Start on Amqp the record-plugin
- Delete all records on
db.quotations
table - Wait for some data on
quotations
table (at least 10 seconds, this is the "run-time") - Stop on Amqp the record-plugin
- You can download all the on the ui as a zip file
- Stop the
py-quote-generation
container - Stop the
py-rest
container - Delete all data on
quotations
table - Refresh all the open pages for
py-rest
- Start on Amqp the replay-plugin
- Check the new data on
quotations
table or look on the chart the values updating - Amqp simulation... done!
- Stop on Amqp the replay-plugin
- Activate the Amqp publish-plugin
- Restart Mosquitto
- Open the publish plugin "Publish Section"
- Set the connection to "ALL"
- Set the
app-id
totest
- Queue to
quotations
- Exchange to
stock
- Message body to the following with a time after "now"
{ "symbol" : "META","date" :"2025-04-07 15:11:11","price" : 1000.1, "volume" : 1000 }
- Look on your message on the graph! Here it is your fake message
- Clone the repo
https://github.com/kendarorg/the-protocol-master-samples.git
- Configure your browser to use DOCKER_SERVER:29000 as HTTP/S Proxy
- Navigate to the "golang" directory
- Run
docker-compose up
to generate the environment - Several containers will be created
- go-tpm: The Protocol Master server
- go-postgres: The postgres database
- go-redis: The Redis server
- go-rest: The chat application
- Download the DER SSL certificate (root certificate) from the tpm host ui and install it as a trusted root certificate
- Connect your postgres ui to
DOCKER_HOST:25432
and use the databasedb
Now your environment is ready for a real test!
- Start on Redis the record-plugin
- Open the proxied browser on http://go-rest/index.html and login as "user1" on channel " common"
- Open another tab of the proxied browser on http://go-rest/index.html and login as "user2" on channel "common"
- Write some messages on both browsers
- Stop on Redis the record-plugin
- You can download all the on the ui as a zip file
- Start on Redis the replay-plugin
- Restart inserting data on the messages
- Stop on Redis the replay-plugin
- Activate the Redis publish-plugin
- Open the publish plugin "Publish Section"
- Set the
content-type
toJSON
- Queue to
common
- Message body to
fake: message
- Look on your message on the chat!
This works well even when working with applications that do not support proxies
Both the Docker and your phone must be on the same network and visible to each other
- First replace in
mitm/docker-compose.yml
theWG_HOST
variable with the one of your Docker Server - Run
docker-compose up
inmitm
directory - Install the Wireguard client on your phone
- Navigate to the Wireguard interface http://YOUR_DOCKER_SERVER:51821/
- And create a profile to install in Wireguard
- Now going on the report plugin http://YOUR_DOCKER_SERVER:28081/plugins/global/report-plugin
- You can query all DNS calls and see all requested domains
- Next step will be intercepting all this calls through TPM
SELECT(
WHAT(cnt=COUNT(),tags.requestedDomain=tags.requestedDomain),
GROUPBY(tags.requestedDomain),
ORDERBY(DESC(cnt))
)