跳转至

【HettyHTTP open source hacking toolkit (future replacement for BurpSuite)】

HettyHTTP open source hacking toolkit (future replacement for BurpSuite)

💻Collection search tools + analysis🔧

🔗【 ❤️ Download ❤️ 】

introduce

Hetty is an HTTP toolkit for security research. It is designed to be an open source alternative to commercial software such as Burp Suite Pro, with powerful features tailored to the needs of the information security and bug bounty communities.

Function

HTTP man-in-the-middle (MITM) proxy and GraphQL server.
Web interface (Next.js) with agent log viewer.
Add scope support to agents.
Full-text search (using regular expressions) in the agent log viewer.
project management.
Sender module for sending manual HTTP requests from scratch or based on requests in the proxy log.
Attacker module for automatically sending HTTP requests. It can be developed quickly by taking advantage of the concurrency capabilities of Go and its net/http package.

Install

Hetty is packaged as a binary on GitHub with embedded web interface resources.

You can find downloads for Linux, macOS, and Windows on docker

  1. $ docker run \
  2. -v $HOME/.hetty/hetty_key.pem:/root/.hetty/hetty_key.pem \
  3. -v $HOME/.hetty/hetty_cert.pem:/root/.hetty/hetty_cert.pem \
  4. -v $HOME/.hetty/hetty.bolt:/root/.hetty/hetty.bolt \
  5. -p  127.0 . 0.1 : 8080 : 8080  \
  6. dstotijn/hetty

usage

Hetty is packaged as a single binary file with embedded web interface resources. When the program is running, it listens on:8080 by default and is accessible via Depending on the incoming HTTP request, it can act as a MITM proxy, or serve the GraphQL API and web interface (Next.js).

Original article, author: Admin, please indicate the source for reprinting