Skip to content

Releases: projectdiscovery/httpx

v1.1.1

09 Aug 13:34
@ehsandeep ehsandeep
v1.1.1
5fef6f6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.1

Changelog

  • Added probe flag to display probed status #319
  • Added scan pause/resume support. #219
  • Added rate limit support with rate-limit flag #315
  • Added probe information in JSON output #319
  • Added original input information in JSON output #319
  • Added exclude-cdn support with ports flag #328
  • Added non-ascii input support in paths with unsafe flag #331
  • Added response-size-to-save flag #325
  • Fixed a bug with deny flag #317
  • Fixed a bug with response-size-to-read flag #325
  • Fixed a bug in stats calculation #342
Assets 11

v1.1.0

24 Jun 08:36
@ehsandeep ehsandeep
v1.1.0
f16e7f4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.1.0

Changelog

Assets 12

v1.0.9

31 May 10:41
@ehsandeep ehsandeep
v1.0.9
8ca8aaa
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.9

Changelog

bbca0d9 Crash bugfix - #290

Assets 11

v1.0.8

26 May 20:38
@ehsandeep ehsandeep
v1.0.8
cc9ee63
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.8

Changelog

d588ef6 Fixed fallback logic
a9961d4 Added no-fallback-scheme flag to process user defined HTTP scheme as input

Assets 11

v1.0.7

26 May 00:26
@ehsandeep ehsandeep
v1.0.7
bbc8e48
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.7

Changelog

f2504f2 Fixed a severe bug with URL parsing introduced in the v1.0.6 release #277 📝 @osamahamad @vysecurity
efd8343 Fixed an issue with http2 causing issues with burp proxy #274 📝@0x0msg
fb5a8f6 Added support to print followed URLs in the output #215 💡@JoshuaMart
be85cbc Added support to follow 307/308 based redirects #280 💡 @stigkj
51da009 Added TLS fingerprint hash information in the JSON output #221
c1ee06a Added support to respect user-defined HTTP schema in the input #273 by @Becivells

Assets 11

v1.0.6

06 May 13:52
@ehsandeep ehsandeep
v1.0.6
1ee02a5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.6

Changelog

7e459a6 Fixed a bug with hosts running websocket causing never ending httpx scan.
e9bb05d Fixed a bug with POST request method.
28ef5a1 Fixed a bug to output ip/cname when port as input is used by @iflody
b801730 Fixed a bug with unsafe flag.
708fbc2 Added support to display redirect chain with follow-redirects flag
62c32ca Added support to store redirect chain data with store-chain flag
780199f Added glob support to read multiple files as input (-l "subdomains-to-probe/*")
aa2e70f Added allow flag to whitelist IPs/CIDRs for probing.
aa2e70f Added deny flag to block IPs/CIDRs for probing.
f560d24 Added max-response-body-size flag to define max response body size.
a387acc Added extract-regex flag to print custom strings from response to CLI.
0582ec9 Auto-enabled tls-grab when tls-probe flag is used.
dbd75f4 Updated to latest wappalyzergo release.

Assets 11

v1.0.5

10 Apr 09:59
@ehsandeep ehsandeep
v1.0.5
dc89316
Compare
Choose a tag to compare
v1.0.5

Changelog

07bff31 Added wappalyzergo based technology detection (-tech-detect)
2112a44 Added file based paths input support (-paths)
f8104ae Added random user agent support (-random-agent)
782cdcf Added syscall fallback support.
9ddeea3 Updated title extraction with improved regex
bfbf2b6 Fixed duplicate result when input CIDR targets
49e0aad JSON output improvements.

Notable flag changes:-

  • include-response flag instead of response-in-json
  • response-in-json is still supported but deprecated flag.
  • tls-grab is now optional instead of default.
  • tls-probe now can be used along with tls-grab

Notable JSON output changes:-

  • Newly added fields:- timestamp, request,scheme,port, path, body_sha256, header_sha256
  • Updated fields:- serverResponse with response-body, ip with host, ips with a, tls with tlsgrab

Example of default updated JSON output:-

{
  "timestamp": "2021-04-10T00:19:54.505279+05:30",
  "scheme": "https",
  "port": "443",
  "path": "/",
  "body-sha256": "bf697861898d0a7fabf4886f0eb238a440f45622e062ef40ac266e5575796347",
  "header-sha256": "4196b49038b99831b6d3fc40100162cabf81ac2718cd01e21efd5ba3926d1dfa",
  "a": [
    "104.16.99.52",
    "104.16.100.52"
  ],
  "url": "https://hackerone.com",
  "location": "https://www.hackerone.com/",
  "webserver": "cloudflare",
  "content-type": "text/html",
  "method": "GET",
  "host": "104.16.99.52",
  "content-length": 92,
  "status-code": 301,
  "csp": {
    "domains": [
      "www.google-analytics.com",
      "errors.hackerone.net",
      "cover-photos.hackerone-user-content.com",
      "hackathon-photos.hackerone-user-content.com",
      "profile-photos.hackerone-user-content.com",
      "hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com",
      "https://errors.hackerone.net/api/30/csp-report/?sentry_key=374aea95847f4040a69f9c8d49a3a59d",
      "www.youtube-nocookie.com"
    ]
  },
  "response-time": "547.188917ms"
}
Assets 11

v1.0.4

10 Apr 09:45
@ehsandeep ehsandeep
v1.0.4
39c06c6
Compare
Choose a tag to compare
v1.0.4 
Bump go.mod
Assets 11
0 Join discussion

v1.0.3

17 Nov 21:10
@ehsandeep ehsandeep
v1.0.3
f8818c1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.3

Changelog

Added:-

5869dfb Added Progress bar support (-stats)
2c44440 Added Skipping HTTP if HTTPS found (-no-fallback)
3a5c564 Added custom scheme support (-ports http:443 https:8443)
389b50e Added Response time flag (-response-time)
6497301 Added Raw HTTP support (-unsafe)
28f630c Added support for IPv6 hosts
e2917db Added Support for hmap (input dedupe)

Updated:-

090c534 Improved readability and error handling by @melardev
8289f46 Made string matching case insensitive
d4e72d8 Made CDN flag optional
67c53a9 Updated title regex
3a5c564 Code Refactor

Fixed:-

6bde867 Fixed bug with stdin input by @vzamanillo
1a5a4da FIxed a bug with CDN blocking

Assets 10

v1.0.2

22 Sep 06:37
@ehsandeep ehsandeep
v1.0.2
4129b88
Compare
Choose a tag to compare
v1.0.2

Changelog

f38a58b Added IP extraction
9b8550e Added CNAME extraction
5a7ec28 Added CDN check
edb9e1b Added String based match/filter
edb9e1b Added Regex based match/filter
ca20e55 Bug fix with CSP extraction
f71cb97 Bug fix bug with store-response flag

Assets 10