The primary purpose of the Hatkit Proxy is to create a minimal, lightweight proxy which stores traffic into an offline storage where further analysis can be performed, i.e. all kinds of analysis which is currently implemented by the proxies themselves (WebScarab/Burp/Paros etc).
Also, since the http traffic is stored in a MongoDB, the traffic is stored at an object-level, retaining the structure of the parsed traffic.
- Swing-based UI,
- Interception capabilities with manual edit, both for TCP and HTTP traffic,
- Syntax highlightning (html/form-data/http) based on JFlex,
- Storage of http traffic into MongoDB database,
- Possibilities to intercept in Fully Qualified mode (like all other http-proxies) OR Non-fully qualified mode. The latter means that interception is performed *after* the host has been parsed, thereby enabling the user to submit non-valid http content.
- A set of filters to either ignore or process traffic which is routed to the proxy. The ‘ignored’ traffic will be streamed to the endpoint with minimal impact on performance.
- HTTP-intercept: Some button/checkboxes in the interception window does not work
- TCP-intercept: The statistics counters are incorrect.
You can download OWASP Hatkit Proxy here:
Or read more here.
- Blackhash – Audit Passwords Without Hashes
- EyeWitness – A Rapid Web Application Triage Tool
- wig – WebApp Information Gatherer – Identify CMS
- OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing
- Zed Attack Proxy – ZAProxy v1.3.0 Released – Integrated Penetration Testing Tool
- Malware Hash Checking Tool – Online & Offline Support
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,845,695 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,030,951 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 613,597 views