Professional Community
HTTP Hacker is a unique Burp extension designed for advanced interaction and control over HTTP servers and proxies using persistent TCP/TLS connections. It offers complete visibility of HTTP messages without any automatic parsing and provides direct access to request and response queues. To simplify the modeling of intricate proxy behavior and network interactions, a visual drag and drop interface and built-in testing framework are also included.
To configure aspects of a connection, you can define the Host (target domain or IP address), Port (the port to connect to on the target server), and enable TLS for a secure connection.
The Stream tab allows you the freedom to interact with a specific connection. Here, you can use various controls to:
The extension also features multiple HTTP editors for the manipulation of traffic at different stages of the connection. This includes panels such as:
You can quickly view and edit features of the request using the interactive features in the Stream tools side panel. This functionality allows you to take full control over HTTP connections and tailor them to your specific needs.
Copyright © 2025 PortSwigger Ltd.
Author |
Author
Martin Doyhenard, PortSwigger |
---|---|
Version |
Version
1.0.0 |
Rating |
Rating |
Popularity |
Popularity |
Last updated |
Last updated
06 August 2025 |
Estimated system impact |
Estimated system impact
Overall impact: Empty
Memory
Empty
CPU
Empty
General
Empty
Scanner
Empty
|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|
You can view the source code for all BApp Store extensions on our GitHub page. |
|
Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates. |
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.