Prox Spray is a powerful tool that allows you to check if you can proxy through common ports on a web application while testing. By scanning for open ports commonly used for proxying, Prox Spray helps identify potential vulnerabilities and access restricted resources within the scope of your penetration test.

• Port Scanning: Prox Spray performs a port scan on the target web application, checking for open ports such as 80, 443, 8080, and 8443.
• Proxy Testing: It enables you to test if you can successfully proxy through the identified open ports, providing valuable insights into potential security weaknesses.
• Scope Expansion: By leveraging the ability to proxy through specific resources, Prox Spray uncovers alternative routes to access resources that may be blocked within the defined scope of your penetration test.
• Flexible Configuration: Prox Spray allows you to customize the target URLs, ports to scan, and request headers for proxy testing, offering flexibility to adapt to different testing scenarios.
• Informative Reporting: The tool generates detailed reports that include the scan results, proxy response codes, and other relevant information, facilitating thorough analysis and documentation of the testing process.

The motivation behind developing Prox Spray came from a real-life scenario where I discovered that a particular web application allowed proxying through specific resources. This realization emphasized the importance of testing for proxy vulnerabilities during penetration tests. Prox Spray was created to provide a streamlined and efficient way to identify such vulnerabilities and enhance the overall effectiveness of your penetration testing efforts.