Httpx Advanced Tool for Penetration Tester

Hello everyone, hope everyone is well, Today we are going to take a look at one of the project discovery tools for penetration tester httpx. HTTPX is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryable HTTP library, designed to maintain result reliability with increased threads.

Httpx is a new generation tool to gather information about our target which is developed based on Golang httpx which makes the testing phase more easy and complex.

What advantage of httpx tool?
  • The simple and modular code base makes it easy to contribute.
  • Fast and fully configurable flags for checking multiple elements.
  • vHost supports URL, port, title, content length, status code, and response-body checking.
  • Smart auto fallback from https to http by default.
  • Supports Host, URL, and CIDR as input.
  • Handles edge cases while retrying, back, etc. to handle WAF.
  • User-friendly easy to use

Httpx helps in gathering information which helps in finding vulnerabilities and verifying attack vectors affecting web applications. which is basically based on domain enumeration which helps to locate the status code from the given subdomain, prints the content type, prints the page title if available, locates the host from the list of subdomains and we can define specific port ranges.

Using Httpx: How to Install:

→ git clone

→ cd httpx/cmd/httpx
→ Go build.
→ mv httpx /usr/local/bin/
→ httpx -h

Now, after successfully installing we need to run the command to open httpx:

httpx -h

We can verify the usage of httpx by using -h as in the above command.

Now, when running httpx with stdin standard input we will use the command:

-> cat domain.txt | https

The above returns all matches from our given domain list.

Now, when running httpx with CIDR input classless inter-domain routing we will use the command:

→ echo | https

As per the above picture which helps to detect all IP ranges we have used CIDR input to detect all possible fields from our supplied target.

Now, we can use httpx with sub finder to find all subdomains with their response and title of all subdomains, here we will use the: (You have to install sub finder first) command:

→ sub finder -d -Silent | httpx -title -content-length -status-code

As per the above, we detect possible subdomains from our target domain with title length and status code, we used -d for domain extension – title for output – title with length – status for their response -code

So today we have discussed how httpx makes our testing phase easy and flexible, we can collect possible information about our target which is also said to be time-consuming. We discussed how many different commands we used to find viable information about our target.

Hope you enjoyed and learned another exciting tool for penetration testers.

For more references: Github

Stay connected with our blogs: Blogs


Pallab Jyoti Bora

VAPT Analyzer

Table of Contents

Social Media