htrace.sh
is a shell script for http/https troubleshooting and profiling. It's also a simple wrapper around several open source security tools.
For a more detailed understanding of htrace.sh
, its parameters, functions and how it all works, run htrace.sh --examples
or see the Wiki.
To install htrace.sh
itself:
# Clone this repository
git clone https://github.com/trimstray/htrace.sh
# Go into directory
cd htrace.sh
# Install
sudo ./setup.sh install
# Install dependencies (Debian 8/9, Ubuntu 18.x and MacOS support)
# - recommend build docker image or install dependencies manually
# - before init please see what it does and which packages are available on your repository
sudo ./dependencies.sh
# Show examples
htrace.sh --examples
# Run the app
htrace.sh -u https://nmap.org -s -h
- symlink to
bin/htrace.sh
is placed in/usr/local/bin
- man page is placed in
/usr/local/man/man8
or build docker image:
# Clone this repository
git clone https://github.com/trimstray/htrace.sh
# Go into directory and build docker image
cd htrace.sh && build/build.sh
# Run the app
docker run --rm -it --name htrace.sh htrace.sh -u https://nmap.org -s -h
Provides the following options:
htrace.sh v1.1.7
Usage:
htrace.sh <option|long-option> [value]
Examples:
htrace.sh -u https://example.com -s -h -b
htrace.sh -u https://example.com --all-scans
Options:
--help show this message
--version show script version
--examples show script examples
Standard:
-u|--url <value> set target url with http/https protocol
-s|--ssl show basic ssl server/connection parameters
-h|--headers show response headers
-b|--body show response body
-M|--req-method <value> set request method (default: GET)
-H|--req-header <value> set request header(s)
-p|--proxy <value> set proxy server (not for external tools)
-r|--resolve <value> resolve the host+port to this address
-i|--iface <value> set network interface (or address)
-a|--all-scans use all external security tools
Security tools:
--testssl test ssl protocols and ciphers (testssl.sh)
--observatory analyze website headers (mozilla observatory)
--ssllabs deep analysis of the ssl web server (ssllabs)
--mixed-content scan website for non-secure resources (mixed-content-scan)
--nse scan website and domain with nse library (nmap)
--waf detect and bypass web application firewalls (wafw00f)
--dns enumerate subdomains (subfinder) and perform zone transfer
--http2 test HTTP/2 (nghttp2)
Extended:
--ssl-bin <path> set path to the openssl bin
--ssl-debug debug ssl connection
--cache-bypass <value> try (proxy) cache bypass
--user-agent <value> set 'User-Agent' header
--referer <value> set 'Referer' header
--auth <value> set authentication method
--httpv <value> set http version
--tlsv <value> set tls version
--ciph <value> set of cryptographic algorithm
--max-redirects <num> set max redirects (default: 10)
--timeout <num> set max timeout (default: 15)
--hide-src-ip hide source ip from output
See this.
This project exists thanks to all the people who contribute.
GPLv3 : http://www.gnu.org/licenses/
Free software, Yeah!