Details

Category: Network

Publisher: trickest

Created Date: 6/23/2021

Container: quay.io/trickest/httpx:v1.6.8-patch-1

Source URL: https://github.com/projectdiscovery/httpx

Parameters

x
string
Command: -x - request methods to probe, use 'all' to probe all HTTP methods
ip
boolean
Command: -ip - display host ip
asn
boolean
Command: -asn - display host asn information
cdn
boolean
Command: -cdn - display cdn in use
csv
boolean
Command: -csv - store output in csv format
body
file
Command: -body - post body to include in http request
deny
string
Command: -deny - denied list of IP/CIDR's to process (comma separated)
hash
string
Command: -hash - display response body hash (supported: md5,mmh3,simhash,sha1,sha256,sha512)
jarm
boolean
Command: -jarm - display jarm fingerprint hash
json
boolean
Command: -json - store output in JSONL(ines) format
list
file
required
Command: -list - input file containing list of hosts to process
path
string
Command: -path - path or list of paths to probe (comma-separated)
ztls
boolean
Command: -ztls - use ztls library with autofallback to standard one for tls13
allow
string
Command: -allow - allowed list of IP/CIDR's to process (comma separated)
cname
boolean
Command: -cname - display host cname
debug
boolean
Command: -debug - display request/response content in cli
delay
string
Command: -delay - duration between each http request (eg: 200ms, 1s) (default -1ns)
http2
boolean
Command: -http2 - probe and display server supporting HTTP2
ports
string
Command: -ports - ports to probe (nmap syntax: eg http:1,2-10,11,https:80)
probe
boolean
Command: -probe - display probe status
stats
boolean
Command: -stats - display scan statistic
title
boolean
Command: -title - display page title
vhost
boolean
Command: -vhost - probe and display server supporting VHOST
config
file
Command: -config - path to the httpx configuration file
header
string
Command: -header - custom http headers to send with request
method
boolean
Command: -method - display http request method
silent
boolean
Command: -silent - silent mode
target
string
Command: -target - input target host(s) to probe
unsafe
boolean
Command: -unsafe - send raw requests skipping golang normalization
exclude
string
Command: -exclude - exclude host matching specified filter ('cdn', 'private-ips', cidr, ip, regex)
favicon
boolean
Command: -favicon - display mmh3 hash for '/favicon.ico' file
request
file
Command: -request - file containing raw request
retries
string
Command: -retries - number of retries
threads
string
Command: -threads - number of threads to use (default 50)
timeout
string
Command: -timeout - timeout in seconds (default 5)
verbose
boolean
Command: -verbose - verbose mode
location
boolean
Command: -location - display response redirect location
pipeline
boolean
Command: -pipeline - probe and display server supporting HTTP1.1 pipeline
protocol
string
Command: -protocol - protocol to use (unknown, http11)
sni-name
string
Command: -sni-name - custom TLS SNI name
tls-grab
boolean
Command: -tls-grab - perform TLS(SSL) data grabbing
csp-probe
boolean
Command: -csp-probe - send http probes on the extracted CSP domains
debug-req
boolean
Command: -debug-req - display request content in cli
deny-list
file
Command: -deny - denied list of IP/CIDR's to process
match-cdn
string
Command: -match-cdn - match host with specified cdn provider (azure, cloudflare, cloudfront, fastly, incapsula, oracle, google, sucuri, leaseweb, akamai)
no-decode
boolean
Command: -no-decode - avoid decoding body
omit-body
boolean
Command: -omit-body - omit response body in output
path-list
file
Command: -path - list of paths to probe
resolvers
string
Command: -resolvers - list of custom resolvers (comma separated)
tls-probe
boolean
Command: -tls-probe - send http probes on the extracted TLS domains (dns_name)
websocket
boolean
Command: -websocket - display server using websocket
allow-list
file
Command: -allow - allowed list of IP/CIDR's to process
debug-resp
boolean
Command: -debug-resp - display response content in cli
filter-cdn
string
Command: -filter-cdn - filter host with specified cdn provider (azure, cloudflare, cloudfront, fastly, incapsula, oracle, google, sucuri, leaseweb, akamai)
http-proxy
string
Command: -http-proxy - http proxy to use (eg http://127.0.0.1:8080)
line-count
boolean
Command: -line-count - display response body line count
match-code
string
Command: -match-code - match response with specified status code (-mc 200,302)
rate-limit
string
Command: -rate-limit - maximum requests to send per second (default 150)
web-server
boolean
Command: -web-server - display server name
word-count
boolean
Command: -word-count - display response body word count
filter-code
string
Command: -filter-code - filter response with specified status code (-fc 403,401)
header-file
file
Command: -header-file - custom http headers to send with request
match-regex
string
Command: -match-regex - match response with specified regex (-mr admin)
no-fallback
boolean
Command: -no-fallback - display both probed protocol (HTTPS and HTTP)
status-code
boolean
Command: -status-code - display response status-code
tech-detect
boolean
Command: -tech-detect - display technology in use based on wappalyzer dataset
vhost-input
boolean
Command: -vhost-input - get a list of vhosts as input
body-preview
boolean
Command: -body-preview - display first N characters of response body (default 100)
content-type
boolean
Command: -content-type - display response content-type
extract-fqdn
boolean
Command: -extract-fqdn - get domain and subdomains from response body and header in jsonl/csv output
filter-regex
string
Command: -filter-regex - filter response with specified regex (-fe admin)
health-check
boolean
Command: -health-check - run diagnostic check up
match-length
string
Command: -match-length - match response with specified content length (-ml 100,102)
match-string
string
Command: -match-string - match response with specified string (-ms admin)
random-agent
boolean
Command: -random-agent - enable Random User-Agent to use (default true)
respect-hsts
boolean
Command: -respect-hsts - respect HSTS response headers for redirect requests
extract-regex
string
Command: -extract-regex - display response content with matched regex
filter-length
string
Command: -filter-length - filter response with specified content length (-fl 23,33)
filter-string
string
Command: -filter-string - filter response with specified string (-fs admin)
include-chain
boolean
Command: -include-chain - include redirect http chain in JSON output (-json only)
match-favicon
string
Command: -match-favicon - match response with specified favicon hash (-mfc 1494302000)
max-redirects
string
Command: -max-redirects - max number of redirects to follow per host (default 10)
probe-all-ips
boolean
Command: -probe-all-ips - probe all the ips associated with same host
response-time
boolean
Command: -response-time - display response time
content-length
boolean
Command: -content-length - display response content-length
extract-preset
string
Command: -extract-preset - display response content matched by a pre-defined regex (url,ipv4,mail)
filter-favicon
string
Command: -filter-favicon - filter response with specified favicon hash (-mfc 1494302000)
max-host-error
string
Command: -max-host-error - max error count per host before skipping remaining path/s (default 30)
resolvers-file
file
Command: -resolvers - list of custom resolvers
stats-interval
string
Command: -stats-interval - number of seconds to wait between showing a statistics update (default: 5)
match-condition
string
Command: -match-condition - match response with dsl expression condition
tls-impersonate
boolean
Command: -tls-impersonate - enable random tls client (ja3) impersonation (experimental)
filter-condition
string
Command: -filter-condition - filter response with dsl expression condition
follow-redirects
boolean
Command: -follow-redirects - follow http redirects
include-response
boolean
Command: -include-response - include http request/response in JSON output (-json only)
match-line-count
string
Command: -match-line-count - match response body with specified line count (-mlc 423,532)
match-word-count
string
Command: -match-word-count - match response body with specified word count (-mwc 43,55)
filter-error-page
boolean
Command: -filter-error-page - filter response with ML based error page detection
filter-line-count
string
Command: -filter-line-count - filter response body with specified line count (-flc 423,532)
filter-word-count
string
Command: -filter-word-count - filter response body with specified word count (-fwc 423,532)
rate-limit-minute
string
Command: -rate-limit-minute - maximum number of requests to send per minute
list-dsl-variables
boolean
Command: -list-dsl-variables - list json output field keys name that support dsl matcher/filter
no-fallback-scheme
boolean
Command: -no-fallback-scheme - probe with protocol scheme specified in input
csv-output-encoding
string
Command: -csv-output-encoding - define output encoding
leave-default-ports
boolean
Command: -leave-default-ports - leave default http/https ports in host header (eg. http://host:80 - https//host:443
match-response-time
string
Command: -match-response-time - match response with specified response time in seconds (-mrt '< 1')
filter-response-time
string
Command: -filter-response-time - filter response with specified response time in seconds (-frt '> 1')
follow-host-redirects
boolean
Command: -follow-host-redirects - follow redirects on the same host
response-size-to-read
string
Command: -response-size-to-read - max response size to read in bytes (default 2147483647)
response-size-to-save
string
Command: -response-size-to-save - max response size to save in bytes (default 2147483647)
include-response-base64
boolean
Command: -include-response-base64 - include base64 encoded http request/response in JSON output (-json only)
include-response-header
boolean
Command: -include-response-header - include http response (headers) in JSON output (-json only)