Tuesday, August 9, 2011

Sniffing HTTP with httpry 0.1.6

I was skeptical when I first saw this come across Packetstorm, but I gave it a shot, like most tools that come rifling through there. I believe that if you make a security tool intended for UNIX it had better have a version compatible with Debian, the most popular OS for quick security testing.

It is easy to install and ran great the very first time with no problems. I was hesitant before because this kind of task can already be done with tools provided by UNIX, and I am not sure what kind of use this tool has for security when other tools are out there. If the project keeps moving forward it could be a seriously handy tool.

The description says it doesn't handle the analysis of the HTTP traffic it has logged; maybe that is something to mess with, or maybe I will make a parser. However, anything logged to files can be easily pulled with regular expressions. Here are the steps to install httpry 0.1.6 from Packetstorm:
  1. wget http://packetstorm.igor.onlinedirect.bg/sniffers/httpry-0.1.6.tar.gz
  2. tar -xvf httpry-0.1.6.tar.gz
  3. cd httpry-0.1.6
  4. make
  5. ./httpry
You can run httpry by typing ./httpry and then just wait for the traffic to roll in. Below I ran httpry while downloading lynx (a command-line HTTP browser) via the apt-get repositories.


To stop capturing I simply issued a Ctrl+C; it closed and told me how many packets were logged. There is an extensive README file which can help you discover more. I think this is and will continue to be a good tool for securing yourself against HTTP infections. Here are some command line switches for reference:
  1. -b FILE
  2. -d
  3. -f FORMAT
  4. -F
  5. -h
  6. -i
  7. -m METHODS
  8. -n COUNT
  9. -o FILE
  10. -p
  11. -q
  12. -r FILE
  13. -t SECONDS
  14. -u USER
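
The post mentions writing a parser for httpry's logged output. As an added example (not from the original post or the httpry project), this Python parser reads log lines, counts requests per Host and flags requests sent to bare IP addresses. It assumes httpry's default tab-separated output with a `# Fields:` header line and `-` for empty fields; check that against your own log file. The sample lines are constructed.

```python
import ipaddress
from collections import Counter
# Assumed httpry default field order, used if the log has no "# Fields:" line.
DEFAULT_FIELDS = ("timestamp,source-ip,dest-ip,direction,method,host,"
                  "request-uri,http-version,status-code,reason-phrase").split(",")

def parse_httpry(lines):
    """Yield one dict per record; '-' (assumed empty-field marker) becomes None."""
    fields = DEFAULT_FIELDS
    for line in lines:
        line = line.rstrip("\r\n")
        if line.startswith("# Fields:"):
            fields = [f.strip() for f in line.split(":", 1)[1].split(",")]
        elif line and not line.startswith("#"):
            values = line.split("\t")
            if len(values) == len(fields):  # skip truncated/malformed records
                yield {k: None if v == "-" else v for k, v in zip(fields, values)}

def is_ip_literal(host):
    """True when a Host value is a bare IP address, with or without a port."""
    if host.startswith("["):                      # bracketed IPv6, e.g. [::1]:80
        name = host[1:].split("]")[0]
    else:
        name = host.rsplit(":", 1)[0] if host.count(":") == 1 else host
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False

def summarize(records):
    """Count requests per Host and list requests addressed to bare-IP hosts."""
    hosts, flagged = Counter(), []
    for r in records:
        if r.get("direction") != ">" or not r.get("host"):
            continue                              # only requests carry a Host
        hosts[r["host"]] += 1
        if is_ip_literal(r["host"]):
            flagged.append((r.get("timestamp"), r.get("method"), r["host"], r.get("request-uri")))
    return hosts, flagged

# Constructed sample log lines (not a real capture); last line is truncated.
SAMPLE = """# Fields: timestamp,source-ip,dest-ip,direction,method,host,request-uri,http-version,status-code,reason-phrase
2011-08-09 10:00:01\t192.0.2.10\t198.51.100.5\t>\tGET\tmirror.example.org\t/debian/pool/example.deb\tHTTP/1.1\t-\t-
2011-08-09 10:00:02\t198.51.100.5\t192.0.2.10\t<\t-\t-\t-\tHTTP/1.1\t200\tOK
2011-08-09 10:00:03\t192.0.2.10\t198.51.100.5\t>\tGET\tmirror.example.org\t/debian/dists/Release\tHTTP/1.1\t-\t-
2011-08-09 10:00:05\t192.0.2.10\t203.0.113.7\t>\tPOST\t203.0.113.7:8080\t/upload\tHTTP/1.1\t-\t-
2011-08-09 10:00:06\t192.0.2.10
"""
```

To run it on a real capture, pass an open log file to `parse_httpry` in place of `SAMPLE.splitlines()`.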
