HackTools++ : How to Use the Captured Requests Feature (Like BurpSuite, Inside Your Browser)

medium.com · Priyanshi Pawar · 2 days ago · tutorial
quality 7/10 · good
0 net
Tags
hacktoolsplusplus captured-requests burpsuite
HackTools++ : How to Use the Captured Requests Feature (Like BurpSuite, Inside Your Browser) | by Priyanshi Pawar - Freedium Milestone: 20GB Reached We’ve reached 20GB of stored data — thank you for helping us grow! Patreon Ko-fi Liberapay Close < Go to the original HackTools++ : How to Use the Captured Requests Feature (Like BurpSuite, Inside Your Browser) A powerful Chrome extension that captures and analyzes HTTP requests inside DevTools . No setup, no proxy configuration, no extra software! Priyanshi Pawar Follow ~3 min read · April 3, 2026 (Updated: April 3, 2026) · Free: Yes In this post, I'll walk you through the Captured Requests feature — one of the most powerful parts of HackTools++. 📹 Full Demo : What is HackTools++? HackTools++ is a Chrome DevTools extension that allows you to capture, inspect, filter, replay, and analyze HTTP requests made by any website — all from within your browser. Think of it as a lightweight Burp Suite that requires zero configuration. Getting Started 1. Install HackTools++ from the Chrome Web Store 2. Open any website in Chrome 3. Press F12 to open DevTools 4. Click on the HackTools++ tab 5. That's it — requests start getting captured automatically Feature 1: The Captured Requests List As soon as you land on a website, HackTools++ starts capturing all network requests in real time. Each row in the list shows you: Method — GET, POST, etc. Full endpoint URL Status code — 200, 302, 404, etc. Timestamp This gives you a complete picture of everything happening behind the scenes. Feature 2: Search The search bar at the top allows you to filter requests by URL keywords in real time. Just start typing a domain, subdomain, or endpoint — and the list instantly narrows down to only matching requests. This is especially useful when a busy website generates hundreds of requests and you need to find something specific quickly. Feature 3: Method Filter The All Methods dropdown lets you filter requests by their HTTP method. You can choose to view only GET requests, only POST requests, or any other method independently. This helps you focus on a specific type of traffic without being distracted by everything else. Feature 4: Status Code Filter The All Status dropdown lets you filter requests by their HTTP response code: 2xx — Successful requests 3xx — Redirects 4xx — Client errors 5xx — Server errors You can also combine the Method and Status filters together — for example filtering POST + 4xx will show you only failed POST requests. This combination is very powerful for quickly identifying errors and broken endpoints. Feature 5: Scope & Block This is where HackTools++ really stands out. Scope — Capture ONLY specific domains Add a domain to the Scope section and HackTools++ will ignore all traffic from every other domain. Only requests from your scoped domain will appear in the list. This is ideal when you want to focus your analysis on one particular target without noise from other tabs or background requests. Block — Exclude specific domains from capture Add a domain to the Block section and all requests from that domain will be completely excluded from the captured list. This is perfect for filtering out noisy internal subdomains or analytics endpoints that clutter your view. Using both together The real power comes when you use Scope and Block simultaneously. You can scope to a specific domain to focus your capture, while blocking certain subdomains within it that are irrelevant to your testing. This gives you surgical control over exactly what traffic you analyze. Feature 6: Copy as cURL Every captured request has a Copy as cURL button on the right side of its row. Clicking it copies the entire request — including all headers, cookies, request method, and body — as a ready-to-run cURL command. You can then paste and execute it in: Windows Command Prompt PowerShell Git Bash Any terminal on Mac or Linux This allows you to replay any request completely outside the browser, which is extremely useful for security testing, API debugging, and automation. #web-security #chrome-dev-tools #penetration-testing #bug-bounty #cybersecurity Reporting a Problem Sometimes we have problems displaying some Medium posts. If you have a problem that some images aren't loading - try using VPN. Probably you have problem with access to Medium CDN (or fucking Cloudflare's bot detection algorithms are blocking you).
← Back to stories