htrace.sh
→ View on GitHubAI Summary:
htrace.shis a shell script designed for troubleshooting and profiling HTTP/HTTPS communications, serving as a wrapper for various open-source security tools. Its primary use case includes diagnosing web application vulnerabilities, analyzing SSL configurations, and extracting response headers and body content through an array of customizable parameters and options. Notable features include the ability to integrate with tools such as testssl, Mozilla’s Observatory, and Nmap’s NSE for comprehensive security assessments.
README
Description
htrace.sh is a shell script for http/https troubleshooting and profiling. It’s also a simple wrapper around several open source security tools.
For a more detailed understanding of htrace.sh, its parameters, functions and how it all works, run htrace.sh --examples or see the Wiki.
Preview
How To Use
To install htrace.sh itself:
# Clone this repository
git clone https://github.com/trimstray/htrace.sh
# Go into directory
cd htrace.sh
# Install
sudo ./setup.sh install
# Install dependencies (Debian 8/9, Ubuntu 18.x and MacOS support)
# - recommend build docker image or install dependencies manually
# - before init please see what it does and which packages are available on your repository
sudo ./dependencies.sh
# Show examples
htrace.sh --examples
# Run the app
htrace.sh -u https://nmap.org -s -h
- symlink to
bin/htrace.shis placed in/usr/local/bin- man page is placed in
/usr/local/man/man8
or build docker image:
# Clone this repository
git clone https://github.com/trimstray/htrace.sh
# Go into directory and build docker image
cd htrace.sh && build/build.sh
# Run the app
docker run --rm -it --name htrace.sh htrace.sh -u https://nmap.org -s -h
Parameters
Provides the following options:
htrace.sh v1.1.7
Usage:
htrace.sh <option|long-option> [value]
Examples:
htrace.sh -u https://example.com -s -h -b
htrace.sh -u https://example.com --all-scans
Options:
--help show this message
--version show script version
--examples show script examples
Standard:
-u|--url <value> set target url with http/https protocol
-s|--ssl show basic ssl server/connection parameters
-h|--headers show response headers
-b|--body show response body
-M|--req-method <value> set request method (default: GET)
-H|--req-header <value> set request header(s)
-p|--proxy <value> set proxy server (not for external tools)
-r|--resolve <value> resolve the host+port to this address
-i|--iface <value> set network interface (or address)
-a|--all-scans use all external security tools
Security tools:
--testssl test ssl protocols and ciphers (testssl.sh)
--observatory analyze website headers (mozilla observatory)
--ssllabs deep analysis of the ssl web server (ssllabs)
--mixed-content scan website for non-secure resources (mixed-content-scan)
--nse scan website and domain with nse library (nmap)
--waf detect and bypass web application firewalls (wafw00f)
--dns enumerate subdomains (subfinder) and perform zone transfer
--http2 test HTTP/2 (nghttp2)
Extended:
--ssl-bin <path> set path to the openssl bin
--ssl-debug debug ssl connection
--cache-bypass <value> try (proxy) cache bypass
--user-agent <value> set 'User-Agent' header
--referer <value> set 'Referer' header
--auth <value> set authentication method
--httpv <value> set http version
--tlsv <value> set tls version
--ciph <value> set of cryptographic algorithm
--max-redirects <num> set max redirects (default: 10)
--timeout <num> set max timeout (default: 15)
--hide-src-ip hide source ip from output
Contributing
See this.
Code Contributors
This project exists thanks to all the people who contribute.
License
GPLv3 : http://www.gnu.org/licenses/
Free software, Yeah!