Tuesday, March 29, 2011

OWASP Hatkit Proxy v.1

The Hatkit Proxy is an intercepting http/tcp proxy based on the Owasp Proxy, but with several additions.

These additions are:
Swing-based UI,
Interception capabilities with manual edit,
Syntax highlightning (html/form-data/http) based on JFlex,
Storage of http traffic into MongoDB database,
Interception capabilities of tcp-traffic,
Possibilities to intercept in Fully Qualified mode (like all other http-proxies) OR Non-fully qualified mode. The latter means that interception is performed *after* the host has been parsed, thereby enabling the user to submit non-valid http content.
The primary purpose of the Hatkit Proxy is to create a minimal, lightweight proxy which stores traffic into an offline storage where further analysis can be performed, e.g. all kinds of analysis which is currently implemented by the proxies themselves (webscarab/burp/paros etc).

More info: http://www.owasp.org


No comments: