Open Source Alternative to Commercial Burp Suite Pro, Hetty

It is well said, Knowledge belongs to the mankind. Why to spend hundred of dollars on tools if you are a security researchers in open source space. If you are web pentester then you are on the right post. As a web pentester we need proxy to intercept the web requests. Today we will walk through a software which is an Open Source Alternative to Commercial Burp Suite Pro, called Hetty.

Hetty is available for Windows, Linux, Mac, you can download this from here. Researchers at SecurityNewspaper always encourage people on open source technologies & tools.

INSTALLATION

  • We will be demonstrating this tool on Windows 7, 32 bit. You can download from here
  • After downloading unzip the file and run hetty.exe in command prompt as shown below.

hetty.exe –cert cacert.cer

hetty to generate CA cert
hetty to generate CA cert
  • This will start web server on localhost port 8080.
  • Open it in browser to get the panel access.
Hetty Panel
Hetty Panel
  • Now time to import CA certificate generated in above command prompt in your browser.
Import CA in hetty
Import CA in hetty
  • After importing CA cert, configure proxy on your browser.
proxy setup
proxy setup
  • After configuring you are ready to go, it will start intercepting HTTP(s) requests
hetty http(s) requests
hetty http(s) requests
  • You can also send request using this hetty.

Conclusion

So we saw the alternative to burp suite pro and it is very easy to use. As this is under development and more features will added to it.