40

My simple Swiss Army knife for HTTP/HTTPS troubleshooting and profiling

 5 years ago
source link: https://www.tuicool.com/articles/hit/EbiiQbF
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

htrace.sh

BzyuMvQ.png!web

Created by trimstray and contributors

Description

htrace.sh is a shell script for http/https troubleshooting and profiling. It's also a simple wrapper script around several open source security tools.

How To Use

Detailed understanding all parameters and how it works, see Wiki .

It's simple:

# Clone this repository
git clone https://github.com/trimstray/htrace.sh

# Go into the repository
cd htrace.sh

# Install
./setup.sh install

# Run the app
htrace.sh -d http://nmap.org -s -h
  • symlink to bin/htrace.sh is placed in /usr/local/bin
  • man page is placed in /usr/local/man/man8

Parameters

Provides the following options:

htrace.sh v1.1.0

Usage:
    htrace.sh <option|long-option>

  Examples:
    htrace.sh -d https://example.com -s -h --testssl --ssllabs
    htrace.sh -d https://example.com -h -M 'POST:name=admin#=12'
    htrace.sh --domain https://example.com --cache-bypass "?${RANDOM}"
    htrace.sh --domain https://example.com --ssl --headers --proxy "socks5h://127.0.0.1:9501"

  Options:
        --help                                show this message
        -d|--domain <domain_name>             set domain name
        -s|--ssl                              show basic ssl server/connection parameters
        -h|--headers                          show response headers
        -b|--body                             show response body
        -M|--req-method <value>               set request method (default: GET)
        -H|--req-header <value>               set request header(s)
        -p|--proxy <value>                    set proxy server (not for external tools)
        --testssl                             test ssl protocols and ciphers with testssl.sh
        --observatory                         scan domain with mozilla observatory security tool
        --ssllabs                             scan domain with ssllabs security tool
        --mixed-content                       scan website for mixed content
        --nse                                 scan website with nmap nse library
        --cache-bypass <value>                try (proxy) cache bypass
        --user-agent <value>                  set 'User-Agent' header
        --max-redirects <num>                 set max redirects (default: 10)
        --timeout <num>                       set max timeout (default: 15)
        --hide-src-ip                         hide source ip from output

Contributing

See this .

License

GPLv3 : http://www.gnu.org/licenses/

Free software, Yeah!


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK