Research and Development

hoppy is python script to probe HTTP options and perform scanning for information disclosure issues.

hoppy is a http options prober written in python. It checks the availability of HTTP methods as well as probing them to see if they can be forced to disclose system information.

Key features

  • HTTP Method detection, TRACK, TRACE, PUT etc
  • Internal IP address disclosure detection
  • Internal Path Disclosure detection
  • Transparent working so you can see exactly what it did
  • Data extraction
  • Spider to find directories for webDAV detection
  • ms09-020 IIS auth bypass check on all discovered directories

Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)