httpx v1.3.5 releases: fast and multi-purpose HTTP toolkit
httpx
httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
Features
- Simple and modular codebase making it easy to contribute.
- Fast And fully configurable flags to probe multiple elements.
- Supports vhost, urls, ports, title, content-length, status-code, response-body probbing.
- Smart auto fallback from https to http as default.
- Supports hosts, URLs, and CIDR as input.
- Handles edge cases doing retries, backoffs, etc for handling WAFs.
Changelog v1.3.5
🎉 New Features
- Added flag to preview N characters from the response by @RamanaReddy0M in #1316
-bp, -body-preview display first N characters of response body (default 100)
-rhsts, -respect-hsts respect HSTS response headers for redirect requests
- Added option to include response headers in JSONL output by @JoshuaMart in #1326
-irh, -include-response-header include http response (headers) in JSON output (-json only)
-ehb, -exclude-headless-body enable excluding headless header from json output
-esb, -exclude-screenshot-bytes enable excluding screenshot bytes from json output
🐞 Bug Fixes
- Fixed issue with DNS record when
-ports
option is used by @kz0ltan in #1347 - Fixed with
-ec
option to exclude WAF by @JoshuaMart in #1341 - Fixed issue with DSL filter and matcher by @dogancanbakir in #1313
- Fixed issue with raw response to make it RFC compliant by @dogancanbakir in #1337
- Fixed issue with favicon option with external host by @dogancanbakir in #1339
- Fixed issue screenshot path on WSL issue by @dogancanbakir in #1340
- Fixed minor issues with screenshot option by @dogancanbakir in #1353
Other Changes
- Fixed typo in runner/options.go by @DroidKali in #1310
- Updated integration by @0xGwyn in #1319
Use
httpx -h
This will display help for the tool. Here are all the switches it supports.
Flag | Description | Example |
---|---|---|
-H | Custom Header input |
httpx -H 'x-bug-bounty: hacker' |
-follow-redirects | Follow URL redirects (default false) |
httpx -follow-redirects |
-http-proxy | URL of the proxy server |
httpx -http-proxy hxxp://proxy-host:80 |
-l | File containing host/urls to process |
httpx -l hosts.txt |
-l | File containing CIDR to process |
httpx -l cidr.txt |
-no-color | Disable colors in the output. |
httpx -no-color |
-o | File to save output result (optional) |
httpx -o output.txt |
-json | Prints all the probes in JSON format (default false) |
httpx -json |
-vhost | Probes to detect vhost from list of subdomains |
httpx -vhost |
-threads | Number of threads (default 50) |
httpx - threads 100 |
-ports | Ports ranges to probe (nmap syntax: eg 1,2-10,11) |
httpx -ports 80,443,100-200 |
-title | Prints title of page if available |
httpx -title |
-content-length | Prints content length in the output |
httpx -content-length |
-status-code | Prints status code in the output |
httpx -status-code |
-web-server | Prints running web sever if available |
httpx -web-server |
-store-response | Store response as domain.txt |
httpx -store-response |
-store-response-dir | Directory to store response (default current path) |
httpx -store-response-dir output |
-retries | Number of retries |
httpx -retries |
-silent | Prints only results in the output |
httpx -silent |
-timeout | Timeout in seconds (default 5) |
httpx -timeout 10 |
-verbose | Verbose Mode |
httpx -verbose |
-version | Prints current version of the httpx |
httpx -version |
-x | Request Method (default ‘GET’) |
httpx -x HEAD |
Download & Tutorial
Copyright (c) Exposed Atoms Pvt Ltd