ByteBack decodes F5 BIG‑IP load-balancer cookies to reveal internal IPs, node identifiers, and routing flags.
ByteBack is a Python tool that decodes F5 BIG‑IP load-balancer cookies, extracting internal IP addresses, node identifiers, and flags. Designed for authorized security testing, red-team and purple-team exercises, and forensic analysis, it helps researchers and security professionals safely inspect load-balancer behavior, understand routing, and verify configurations.
-
🧩 BIG‑IP Cookie Parsing: Recognizes BIGipServer* and related formats, extracting fields.
-
🔐 Decoding Engine: Reveals internal IP addresses, node identifiers, and routing flags.
-
🔍 Traffic Analysis: Helps understand load-balancer behavior and routing decisions.
-
🛠️ Forensic & Testing Utility: Designed for red-team, purple-team, and authorized security research.
-
🚀 Lightweight & Scriptable: CLI-friendly and easy to integrate into automation or analysis workflows.
- Pre-requisites: Ensure you have Python3 installed on your system.
- Clone the Repo: Use "git clone https://github.com/Cursed271/ByteBack"
- Traverse into the Directory: Use "cd ByteBack"
- Install Dependencies: Use "pip3 install -r requirements.txt"
- Execute the Script: Use "python3 ByteBack.py"
- Enter target URL or raw BIG‑IP cookie value (When prompted)
Have suggestions or feature requests? Feel free to reach out via:
- 🐦 Twitter: @Cursed271
- 🐙 GitHub: @Cursed271
- 🔗 LinkedIn: Steven Pereira
- 📧 Email: cursed.pereira@proton.me
- 🐞 File an Issue: GitHub Issues
- 💡 Request a Feature: Feature Requests
Your feedback helps improve ByteBack! Contributions and PRs are always welcome. 🚀
- Steven Pereira (aka Cursed) - Creator & Maintainer
ByteBack is licensed under the MIT License. See the LICENSE file for details.