PRISM is a SOCKS5/Shadowsocks proxy service built on libuv, designed for traffic inspection and TLS decryption.

It utilizes mbedTLS to decrypt TLS-encrypted traffic in real-time. All proxied data is saved to a specified PCAP file, which can be opened with Wireshark for detailed traffic analysis. Decrypted TLS data will be stored in plaintext within the PCAP file.

⸻

1. TCP (IPv4 & IPv6)
2. UDP (IPv4 & IPv6)

⸻

1. macOS
2. Windows(x64 & arm64)

⸻

Install the following tools depending on your platform:

macOS:

• Ninja
• CMake (version 3.25 or higher)
• Qt (version 6 or higher)

Windows:

• Visual Studio 2022
• CMake (3.25+)
• Qt (version 6 or higher)

• CMAKE_PREFIX_PATH = C:\Qt\6.9.1\msvc2022_xxxxx
• PATH += C:\Qt\6.9.1\msvc2022_xxxxx\bin

Navigate to the project root directory.

cmake --list-presets

cmake --preset <your-preset>

cmake --build --preset <your-preset>

⸻

To enable TLS decryption, you must install the self-signed certificate on both the proxy server and all client systems using the proxy.