Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.
- Machine-in-the-middle (MITM) HTTP proxy, with logs and advanced search
- HTTP client for manually creating/editing requests, and replay proxied requests
- Scope support, to help keep work organized
- Easy-to-use web based admin interface
- Project based database storage, to help keep work organized
ℹ️ Hetty is in early development. Please see the backlog for details.
???? Join the Hetty Discord server.
???? Read the docs.
The quickest way to install and update Hetty is via a package manager:
brew install hettysoft/tap/hetty
sudo snap install hetty
scoop bucket add hettysoft https://github.com/hettysoft/scoop-bucket.git
scoop install hettysoft/hetty
Alternatively, you can download the latest release from GitHub for your OS and architecture, and move the binary to a directory in your
$PATH. If your OS is not available for one of the package managers or not listed in the GitHub releases, you can compile from source (link?) or use a Docker image (link?).
Once installed, start Hetty from the command line:
When invoked without any options, this:
- Creates a root CA certificate and private key, stored on disk at
- Creates a BadgerDB database, stored on disk at
- Runs an HTTP server that listens on
0.0.0.0:8080, used for proxying and serving the admin interface
You should see the following console output:
2022/03/01 11:09:15 INFO [main] Hetty (v0.5.1) is running on :8080 ...2022/03/01 11:09:15 INFO [main] Get started at http://localhost:8080
???? You can now visit http://localhost:8080 to access the admin interface.
To easily use the HTTP proxy without manual setup, Hetty can invoke Chrome (if installed) on startup with the correct predefined settings, via:
Alternatively, you can trust the root CA certificate system wide.
Create a project
- Visit the admin interface at http://localhost:8080 and click “Manage Projects”.
- Use the “New project” form to create an open new project:
Once you have a project created and opened, any incoming HTTP requests proxied by Hetty will be logged.
Use the proxy
To use Hetty’s HTTP proxy, you have several options:
- Run Hetty with
hetty --chromeand use a preconfigured Chrome instance (recommended)
- Use a browser extension like FoxyProxy (Firefox) or Proxy SwitchyOmega (Chrome)
- Configure system wide HTTP proxy settings (not recommended)
When using a browser extension for proxying, you can use
http://localhost:8080 as the proxy URL (unless you’ve specified a custom listen to address with the
If you’re planning to use the proxy from a machine different than the one running Hetty (e.g. another device in your LAN), you’ll need to use a non-loopback network address, e.g. the IP address assigned by your DHCP server.
???? With one of the above options, use the proxy by visiting a website to incur some logs we’ll use in the next section.
View proxy logs
Once you’ve generated some traffic on the HTTP proxy, there should be some requests logged. Let’s review them by opening the Proxy logs page in the admin interface, found in the vertical menu bar on the left.
Copy to Sender
Use the “copy” icon next to any log entry to copy this request to the Sender module, allowing you to edit and resend the HTTP request:
Edit & send request
Browse to the Sender module via the vertical menu bar on the left.
At the bottom of the screen, click the request we just copied from the Proxy logs.
Now you can edit the method, URL, request headers and body of the request. Every time you click Send, a new request is sent and recorded in the history pane at the bottom of the screen.
You should now be up and running with Hetty! ???? Check out the guides for more detailed feature documentation.
Use issues for bug reports and feature requests, and discussions for questions and troubleshooting.
???? Join the Hetty Discord server.
Want to contribute? Great! Please check the Contribution Guidelines for details.
- Thanks to the Hacker101 community on Discord for all the encouragement and feedback.
- The font used in the logo and admin interface is JetBrains Mono.
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
- Blog2022.10.12Vulnerability management with Wazuh open source XDR
- Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
- Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky