Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add HTTP Toolkit #335

Open
wants to merge 1 commit into
base: master
from
Open

Add HTTP Toolkit #335

wants to merge 1 commit into from

Conversation

@pimterry
Copy link

pimterry commented Nov 28, 2019

No description provided.

@meitar

This comment has been minimized.

Copy link
Collaborator

meitar commented Nov 28, 2019

This tool seems to require payment to do essentially every basic thing needed in a pentest such as request rewriting that other HTTP intercepting tools already on this list (e.g., OWASP ZAP) do for free. This tool therefor seems far more like a dev helper tool than a pentest tool to me.

I would not merge this but would also not strongly object if @techgaun disagrees.

@pimterry

This comment has been minimized.

Copy link
Author

pimterry commented Nov 28, 2019

It does do request rewriting for free! You can breakpoint and manually rewrite or redirect any requests or responses as you'd like, just like ZAP.

It does require payment for fully automated request rewriting (e.g. putting in a bunch of rules to mock out an entire API or similar), but that's normally not what you want for exploratory work like pentesting.

I'm not sure everything on the list needs to be 100% free to be awesome. For example, Burp Suite is already included, which is another penetration tool that includes only essential features in its free version, and has all its advanced options behind a paid subscription.

@meitar

This comment has been minimized.

Copy link
Collaborator

meitar commented Nov 28, 2019

It does do request rewriting for free! You can breakpoint and manually rewrite or redirect any requests or responses as you'd like, just like ZAP.

Ah, okay, that was not clear to me from reading the product page description.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.