Security
  • IT Security Knowledge Base
  • Blue team
    • Linux System Hardening
    • Phishing Analysis
    • Snort
    • Yara
  • Capture the Flag
    • OverTheWire
      • Bandit
        • Bandit Level 0
        • Bandit Level 0 → Level 1
        • Bandit Level 1 → Level 2
        • Bandit Level 2 → Level 3
        • Bandit Level 3 → Level 4
        • Bandit Level 4 → Level 5
        • Bandit Level 5 → Level 6
        • Bandit Level 6 → Level 7
        • Bandit Level 7 → Level 8
        • Bandit Level 8 → Level 9
        • Bandit Level 9 → Level 10
        • Bandit Level 10 → Level 11
        • Bandit Level 11 → Level 12
        • Bandit Level 12 → Level 13
        • Bandit Level 13 → Level 14
        • Bandit Level 14 → Level 15
        • Bandit Level 15 → Level 16
        • Bandit Level 16 → Level 17
        • Bandit Level 17 → Level 18
        • Bandit Level 18 → Level 19
        • Bandit Level 19 → Level 20
        • Bandit Level 20→ Level 21
        • Bandit Level 21→ Level 22
        • Bandit Level 22 → Level 23
        • Bandit Level 23 → Level 24
        • Bandit Level 24 → Level 25
        • Bandit Level 25 → Level 26
        • Bandit Level 26 → Level 27
        • Bandit Level 27 → Level 28
        • Bandit Level 28 → Level 29
        • Bandit Level 29 → Level 30
        • Bandit Level 30 → Level 31
        • Bandit Level 31 → Level 32
        • Bandit Level 32 → Level 33
    • OWASP Juice Shop
      • Installation
      • Level 1 - Challenges
      • Level 2 - Challenges
    • TryHackMe Rooms
      • Anthem
      • Capture!
      • Corridor
      • Gotta Catch'em All!
      • Mustacchio
      • Neighbour
      • Opacity
      • Source
    • CEH v12 practical resources
  • Cryptology
    • CryptoHack
      • Course: Introduction to CryptoHack
        • Introduction - Challenges
        • General - Encoding
        • General - XOR
      • Course: Modular Arithmetic
        • General - Mathematics
        • Mathematics - Modular Math
        • Mathematics - Brainteasers Part 1
      • Course: Symmetric Cryptography
        • How AES Works
        • Symmetric Starter
        • Block Ciphers
        • Stream Ciphers
  • Red Team
    • Reconnaissance
      • Foot-printing
      • Scanning (Nmap)
      • Enumeration
    • Vulnerability Analysis
    • Initial Access
      • Obtaining credentials
      • Vulnerability Exploitation
        • Buffer Overflow
        • Metasploit and Armitage
        • Ninja Jonin
    • Active Directory
      • Connect to AD
      • AD Explore
      • CMD and PowerShell enumeration
      • Certificates in AD
      • LDAP Pass-back Attacks
      • Cracking NetNTLM Challenge with Responder
      • Exploring Configuration Files for AD Credentials
      • Pass the hash with evil WinRM
      • Understanding Runas
    • Malware
    • Sniffing
      • Intercept HTTP traffic - Hetty
      • Intercept HTTP traffic - Bettercap
      • Wireshark
    • Social Engineering
    • Denial of Service
    • Web Hacking
      • Burp Suite
      • OWASP ZAP
      • Web servers
      • Web Server Footprinting
      • Directory Enumeration
      • Session Hijacking
      • Web Shells
      • Web vulnerability scanners
      • SQL Injection
    • Cloud
    • Wireless Networks
      • Attacking WEP
      • Attacking WPA/WPA2
    • Mobile Devices
    • Network Security Evasion
    • Privileges Escalation
    • Maintain Access and Hide Malicious Activity
      • Backdooring
    • Cover your Tracks
  • Internet of Things
    • IoT in general
    • Common IoT Protocols
      • CoAP
      • MQTT
      • ZIGBEE
      • Bluetooth
    • Scapy
      • Sniffing and spoofing
      • ARP cache Poisoning
  • Projects
    • Cybersecurity Roadshow
Powered by GitBook
On this page
  1. Red Team
  2. Sniffing

Intercept HTTP traffic - Hetty

PreviousSniffingNextIntercept HTTP traffic - Bettercap

Last updated 1 year ago

is a valuable HTTP toolkit designed for security research. Its purpose is to serve as an open-source alternative to commercial software like Burp Suite Pro, catering to the specific requirements of the InfoSec and bug bounty communities. Hetty empowers users to perform Man-in-the-Middle (MITM) attacks, manually create and edit HTTP requests, replay proxied requests for various HTTP clients, and intercept requests and responses for in-depth manual examination.

In this guide, we'll explore how to use Hetty to intercept HTTP traffic on a target system:

  1. When you run Hetty, an "Open File - Security Warning" window will appear. Click "Run" to proceed.

  2. After clicking "Run," a Command Prompt window will appear as Hetty initializes.

  3. Minimize all open windows and open a web browser (for example, Mozilla Firefox).

  4. In the browser's address bar, type "" and press Enter. This will open the Hetty dashboard.

  5. Within the Hetty dashboard, click the "MANAGE PROJECTS" button.

  6. The Projects page will appear. Under the "New Project" section, provide a project name and click the "+ CREATE & OPEN PROJECT" button.

  7. Select the "Proxy logs" icon from the left-hand navigation pane.

  8. Now, the target system needs to be configured to use Hetty (running on the attacking machine) as a proxy.

    • For Chrome:

      • Click the "Customize and control Google Chrome" icon and select "Settings."

      • In the "Settings" page, expand "Advanced settings" and click on "System" in the left-hand menu.

      • Click "Open your computer’s proxy settings" to configure a proxy.

      • In the "Manual proxy setup" section, make the following adjustments:

        • Turn on the "Use a proxy server" option.

        • In the "Address" field, enter the IP address of the attacking machine.

        • In the "Port" field, specify the port as 8080.

      • Click "Save" to save the settings.

      • After saving, close both the "Settings" and browser windows. The proxy settings on the victim's machine are now configured.

  9. You can now observe that the logs are being captured on the "Proxy logs" page.

Hetty
http://localhost:8080