Day 53/100 Hack and Improvement

less than 1 minute read

Day 53 comes with a pretty handy tool for recon called httpx and some of its basic usage.

Killing it with httpx

Coming from a network pentesting background, CIDR ranges are beautiful to me. Trying nmap to scan the ports (which takes quiet long time), and using masscan on my VPS, I needed something just to resolve the CIDR into urls wheter their using HTTPS or not. Fortunately, instead of going for the long path of scanning the while CIDR range with masscan, and using the script from nmap to check the title, I found httpx pretty useful this time. It’s like httprobe, but high on steroids. Big thanks to the people from projectdiscovery.

Usage

Having already your domain list? No problem, httpx got you covered. Wheter you need the title, status code, and content lenght httpx will make it fast and easier. Remember to read the user’s guide from their github page.

For normal HTTP probe

cat domain-list.txt | httpx 

Wanna include title, status code, and content lenght?

cat domain-list.txt | httpx -title -content-length -status-code

My favorite, with CIDR ranges

echo "10.10.10.10/28" | httpx 

nmap scan

Leave a comment