CatEars is a small HTTP listener, born from my frustrations with Burp Collaborator's limitations and cost. It was originally written in Racket, and ported to Gleam as much out of curiosity as anything else. The Gleam implementation turned out to have significantly lower baseline memory requirements, and I found Gleam very pleasant to write, so it replaced the original.
I've found it quite helpful for CTF challenges involving SSRF and XSS.
Please use responsibly :)
The included Dockerfile should work nicely with various cloud services,
or it can be run behind a reverse proxy like Ngrok. It listens on port 8080
by default.
Example configs are included for cloud services I've used to deploy CatEars.
cp service.example.yaml service.yaml- edit container image URL to point to your container image
gcloud run services replace ./service.yaml
CatEars fits in the smallest supported instance specs, and is meant to fit within Cloud Run's free tier for normal pentest/bug-bounty use.
fly launch in the top-level project directory will deploy CatEars with
Fly.io's minimum supported infrastructure specs (afaik).
note: Fly.io doesn't have a "free tier" like GCP/AWS, but they sponsor Gleam and I think that's pretty cool.
I built this for myself, and open-sourced it in case someone else might find it useful. Issues and PRs are welcome, but please keep in mind that I have a day job and make take a day or three to respond.
gleam run # Run the project
gleam test # Run the tests
gleam shell # Run an Erlang shell