Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Add HTTP Toolkit #335
This tool seems to require payment to do essentially every basic thing needed in a pentest such as request rewriting that other HTTP intercepting tools already on this list (e.g., OWASP ZAP) do for free. This tool therefor seems far more like a dev helper tool than a pentest tool to me.
I would not merge this but would also not strongly object if @techgaun disagrees.
It does do request rewriting for free! You can breakpoint and manually rewrite or redirect any requests or responses as you'd like, just like ZAP.
It does require payment for fully automated request rewriting (e.g. putting in a bunch of rules to mock out an entire API or similar), but that's normally not what you want for exploratory work like pentesting.
I'm not sure everything on the list needs to be 100% free to be awesome. For example, Burp Suite is already included, which is another penetration tool that includes only essential features in its free version, and has all its advanced options behind a paid subscription.