#http

sulley
sulley

A pure-python fully automated and unattended fuzzing framework.

boofuzz
boofuzz

Network protocol fuzzing for humans.

The HTTP Garden
The HTTP Garden

Differential testing and fuzzing of HTTP servers and proxies.

pipedream
pipedream

Collect HTTP or webhook requests and inspect them in a human-friendly way.

webhook.site
webhook.site

Easily test HTTP webhooks with this handy tool that displays requests instantly.

hetty
hetty

An HTTP toolkit for security research.

zgrab
zgrab

Fast Go application scanner.

Modlishka
Modlishka

A powerful and flexible HTTP reverse proxy.

merlin
merlin

Cross-platform post-exploitation HTTP/2 Command & Control server and agent.

ipsourcebypass
ipsourcebypass

Bypass IP source restrictions using HTTP headers.

CLZero
CLZero

A project for fuzzing HTTP/1.1 CL.0 Request Smuggling attack vectors.

Redacted Request
Redacted Request

Enhance the security and confidentiality of HTTP request handling within the Burp Suite.

HTTP-traceroute
HTTP-traceroute

HTTP-traceroute in Go.

impacket
impacket

Collection of Python classes for working with network protocols.

PyExfil
PyExfil

Set as many exfiltration, techniques that CAN be used to bypass various.

Tamper Data
Tamper Data

View and modify HTTP requests before they are sent.

Tamper Dev
Tamper Dev

Allows you to intercept and edit HTTP/HTTPS requests and responses.

p0f
p0f

Identify the operating system of a target host simply by examining captured packets.

reDuh
reDuh

Create a TCP circuit through validly formed HTTP requests.

reGeorg
reGeorg

Pwn a bastion webserver and create SOCKS proxies through the DMZ.

weevely3
weevely3

Weaponized web shell.

Fiddler Everywhere
Fiddler Everywhere

Web debugging proxy for MacOS, Windows, and Linux.

Up HTTP Server
Up HTTP Server

Simple HTTP listener for security testing.

burp-exporter
burp-exporter

Copy a Burp Suite request to a file or the clipboard as multiple programming languages functions.

Nozaki
Nozaki

HTTP fuzzer engine security oriented.

pivotnacci
pivotnacci

A tool to make socks connections through HTTP agents.

Yet Another Sniffer
Yet Another Sniffer

A network analyzer that make easy to extract informations about network traffic.

safecopy
safecopy

Burp Extension for copying requests safely.

xxeserv
xxeserv

A mini webserver with FTP support for XXE payloads.

See-SURF
See-SURF

Detect Vulnerable SSRF parameters.

Turbo Intruder
Turbo Intruder

Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

headi
headi

Customisable and automated HTTP header injection.