From aa7693da0a03f7223179ce0869353a2f0101ba80 Mon Sep 17 00:00:00 2001 From: LuitelSamikshya Date: Wed, 29 Sep 2021 13:43:54 -0500 Subject: [PATCH] added goflags support --- README.md | 228 +++++++++++++++++----------------------------- go.mod | 3 + go.sum | 4 + runner/options.go | 171 +++++++++++++++++++--------------- 4 files changed, 187 insertions(+), 219 deletions(-) diff --git a/README.md b/README.md index 55e7773..a8ebb80 100644 --- a/README.md +++ b/README.md @@ -77,150 +77,90 @@ This will display help for the tool. Here are all the switches it supports. 👉 httpx help menu 👈 ``` - -H value - Custom Header to send with request - -allow value - Allow list of IP/CIDR's to process (file or comma separated) - -body string - Content to send in body with HTTP request - -cdn - Diplay CDN - -cname - Display Host cname - -content-length - Display HTTP response content length - -content-type - Display content-type header - -csp-probe - Send HTTP probes on the extracted CSP domains - -csv - Display output in CSV format - -debug - Debug mode - -deny value - Deny list of IP/CIDR's to process (file or comma separated) - -exclude-cdn - Skip full port scans for CDNs (only checks for 80,443) - -extract-regex string - Display response content with matched regex - -fc string - Filter response with specific status code (-fc 403,401) - -filter-regex string - Filter response with specific regex - -filter-string string - Filter response with specific string - -fl string - Filter response with specific content length (-fl 23) - -follow-host-redirects - Only Follow redirects on the same host - -follow-redirects - Follow HTTP Redirects - -http-proxy string - HTTP Proxy, eg http://127.0.0.1:8080 - -http2 - HTTP2 probe - -include-chain - Show Raw HTTP Chain In Output (-json only) - -include-response - Show Raw HTTP response In Output (-json only) - -ip - Display Host IP - -json - Display output in JSON format - -l string - Input file containing list of hosts to process - -location - Display location header - -match-regex string - Match response with specific regex - -match-string string - Match response with specific string - -max-host-error int - Max error count per host before skipping remaining path/s (default 30) - -max-redirects int - Max number of redirects to follow per host (default 10) - -mc string - Match response with specific status code (-mc 200,302) - -method - Display request method - -ml string - Match response with specific content length (-ml 102) - -no-color - Disable colored output - -no-fallback - Probe both protocol (HTTPS and HTTP) - -no-fallback-scheme - Probe with input protocol scheme - -o string - File to write output to (optional) - -path string - Request path/file (example '/api') - -paths string - Command separated paths or file containing one path per line (example '/api/v1,/apiv2') - -pipeline - HTTP1.1 Pipeline probe - -ports value - Port ranges to scan (nmap syntax: eg 1,2-10,11) - -probe - Display probe status - -random-agent - Use randomly selected HTTP User-Agent header value (default true) - -rate-limit int - Maximum requests to send per second (default 150) - -request string - File containing raw request - -response-in-json - Show Raw HTTP response In Output (-json only) (deprecated) - -response-size-to-read int - Max response size to read in bytes (default - unlimited) (default 2147483647) - -response-size-to-save int - Max response size to save in bytes (default - unlimited) (default 2147483647) - -response-time - Display the response time - -resume - Resume scan using resume.cfg - -retries int - Number of retries - -silent - Silent mode - -sr - Store HTTP response to directoy (default 'output') - -srd string - Custom directory to store HTTP responses (default "output") - -stats - Enable statistic on keypress (terminal may become unresponsive till the end) - -status-code - Display HTTP response status code - -store-chain - Save chain to file (default 'output') - -tech-detect - Perform wappalyzer based technology detection - -threads int - Number of threads (default 50) - -timeout int - Timeout in seconds (default 5) - -title - Display page title - -tls-grab - Perform TLS(SSL) data grabbing - -tls-probe - Send HTTP probes on the extracted TLS domains - -unsafe - Send raw requests skipping golang normalization - -verbose - Verbose Mode - -version - Show version of httpx - -vhost - Check for VHOSTs - -vhost-input - Get a list of vhosts as input - -web-server - Display server header - -websocket - Display server using websocket - -x string - Request Methods to use, use 'all' to probe all HTTP methods +Usage: + httpx [flags] + Flags: +TARGET: + -vhost-input Get a list of vhosts as input + -H string[] Custom Header to send with request + -ports string[] Port ranges to scan (nmap syntax: eg 1,2-10,11) + -http-proxy string HTTP Proxy, eg http://127.0.0.1:8080 + -l string Input file containing list of hosts to process + -x string Request Methods to use, use 'all' to probe all HTTP methods + -path string Request path/file (example '/api') + -paths string Command separated paths or file containing one path per line (example '/api/v1,/apiv2') + -body string Content to send in body with HTTP request + +TEMPLATE: + -tls-grab Perform TLS(SSL) data grabbing + -tech-detect Perform wappalyzer based technology detection + -threads int Number of threads (default 50) + -retries int Number of retries + -timeout int Timeout in seconds (default 5) + -vhost Check for VHOSTs + -follow-redirects Follow HTTP Redirects + -follow-host-redirects Only Follow redirects on the same host + -max-redirects int Max number of redirects to follow per host (default 10) + -tls-probe Send HTTP probes on the extracted TLS domains + -csp-probe Send HTTP probes on the extracted CSP domains + -unsafe Send raw requests skipping golang normalization + -pipeline HTTP1.1 Pipeline probe + -http2 HTTP2 probe + -no-fallback Probe both protocol (HTTPS and HTTP) + -no-fallback-scheme Probe with input protocol scheme + -random-agent Use randomly selected HTTP User-Agent header value (default true) + -allow string[] Allow list of IP/CIDR's to process (file or comma separated) + -deny string[] Deny list of IP/CIDR's to process (file or comma separated) + -response-size-to-save int Max response size to save in bytes (default - unlimited) (default 2147483647) + -response-size-to-read int Max response size to read in bytes (default - unlimited) (default 2147483647) + -resume Resume scan using resume.cfg + -exclude-cdn Skip full port scans for CDNs (only checks for 80,443) + -max-host-error int Max error count per host before skipping remaining path/s (default 30) + +FILTERING: + -mc string Match response with specific status code (-mc 200,302) + -ml string Match response with specific content length (-ml 102) + -fc string Filter response with specific status code (-fc 403,401) + -fl string Filter response with specific content length (-fl 23) + -filter-string string Filter response with specific string + -match-string string Match response with specific string + -filter-regex string Filter response with specific regex + -match-regex string Match response with specific regex + -extract-regex string Display response content with matched regex + +RATE-LIMIT: + -rate-limit int Maximum requests to send per second (default 150) + +OUTPUT: + -o string File to write output to (optional) + -status-code Display HTTP response status code + -title Display page title + -location Display location header + -content-length Display HTTP response content length + -sr Store HTTP response to directory (default 'output') + -srd string Custom directory to store HTTP responses (default "output") + -json Display output in JSON format + -csv Display output in CSV format + -method Display request method + -silent Silent mode + -version Show version of httpx + -verbose Verbose Mode + -no-color Disable colored output + -web-server Display server header + -websocket Display server using websocket + -response-in-json Show Raw HTTP response In Output (-json only) (deprecated) + -include-response Show Raw HTTP response In Output (-json only) + -include-chain Show Raw HTTP Chain In Output (-json only) + -content-type Display content-type header + -ip Display Host IP + -request string File containing raw request + -debug Debug mode + -cname Display Host cname + -cdn Display CDN + -response-time Display the response time + -stats Enable statistic on keypress (terminal may become unresponsive till the end) + -store-chain Save chain to file (default 'output') + -probe Display probe status ``` diff --git a/go.mod b/go.mod index b757876..9bdc281 100644 --- a/go.mod +++ b/go.mod @@ -51,6 +51,7 @@ require ( github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129 // indirect github.com/aymerick/douceur v0.2.0 // indirect github.com/cespare/xxhash/v2 v2.1.1 // indirect + github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect github.com/dgraph-io/badger v1.6.2 // indirect github.com/dimchansky/utfbom v1.1.1 // indirect github.com/dustin/go-humanize v1.0.0 // indirect @@ -61,9 +62,11 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.1 // indirect github.com/projectdiscovery/blackrock v0.0.0-20210415162320-b38689ae3a2e // indirect + github.com/projectdiscovery/goflags v0.0.7 // indirect github.com/projectdiscovery/networkpolicy v0.0.1 // indirect github.com/projectdiscovery/reflectutil v0.0.0-20210804085554-4d90952bf92f // indirect github.com/syndtr/goleveldb v1.0.0 // indirect github.com/yl2chen/cidranger v1.0.2 // indirect gopkg.in/ini.v1 v1.62.0 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect ) diff --git a/go.sum b/go.sum index 7d1bb01..6da7966 100644 --- a/go.sum +++ b/go.sum @@ -21,6 +21,8 @@ github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 h1:ox2F0PSMlrAAiAdknSRMDrAr8mfxPCfSZolH+/qQnyQ= +github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08/go.mod h1:pCxVEbcm3AMg7ejXyorUXi6HQCzOIBf7zEDVPtw0/U4= github.com/codegangsta/cli v1.20.0/go.mod h1:/qJNoX69yVSKu5o4jLyXAENLRyk1uhi7zkbQ3slBdOA= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= @@ -150,6 +152,8 @@ github.com/projectdiscovery/fileutil v0.0.0-20210804142714-ebba15fa53ca h1:xT//A github.com/projectdiscovery/fileutil v0.0.0-20210804142714-ebba15fa53ca/go.mod h1:U+QCpQnX8o2N2w0VUGyAzjM3yBAe4BKedVElxiImsx0= github.com/projectdiscovery/goconfig v0.0.0-20210804090219-f893ccd0c69c h1:1XRSp+44bhWudAWz+2+wHYJBHvDfE8mk9uWpzX+DU9k= github.com/projectdiscovery/goconfig v0.0.0-20210804090219-f893ccd0c69c/go.mod h1:mBv7GRD5n3WNbFE9blG8ynzXTM5eh9MmwaK6EOyn6Pk= +github.com/projectdiscovery/goflags v0.0.7 h1:aykmRkrOgDyRwcvGrK3qp+9aqcjGfAMs/+LtRmtyxwk= +github.com/projectdiscovery/goflags v0.0.7/go.mod h1:Jjwsf4eEBPXDSQI2Y+6fd3dBumJv/J1U0nmpM+hy2YY= github.com/projectdiscovery/gologger v1.0.1/go.mod h1:Ok+axMqK53bWNwDSU1nTNwITLYMXMdZtRc8/y1c7sWE= github.com/projectdiscovery/gologger v1.1.4 h1:qWxGUq7ukHWT849uGPkagPKF3yBPYAsTtMKunQ8O2VI= github.com/projectdiscovery/gologger v1.1.4/go.mod h1:Bhb6Bdx2PV1nMaFLoXNBmHIU85iROS9y1tBuv7T5pMY= diff --git a/runner/options.go b/runner/options.go index a532d1a..4624eb8 100644 --- a/runner/options.go +++ b/runner/options.go @@ -1,13 +1,13 @@ package runner import ( - "flag" "math" "os" "regexp" "github.com/projectdiscovery/fileutil" "github.com/projectdiscovery/goconfig" + "github.com/projectdiscovery/goflags" "github.com/projectdiscovery/gologger" "github.com/projectdiscovery/gologger/formatter" "github.com/projectdiscovery/gologger/levels" @@ -196,82 +196,96 @@ type Options struct { func ParseOptions() *Options { options := &Options{} - flag.CommandLine = flag.NewFlagSet(os.Args[0], flag.ExitOnError) - flag.BoolVar(&options.TLSGrab, "tls-grab", false, "Perform TLS(SSL) data grabbing") - flag.BoolVar(&options.TechDetect, "tech-detect", false, "Perform wappalyzer based technology detection") - flag.IntVar(&options.Threads, "threads", 50, "Number of threads") - flag.IntVar(&options.Retries, "retries", 0, "Number of retries") - flag.IntVar(&options.Timeout, "timeout", 5, "Timeout in seconds") - flag.StringVar(&options.Output, "o", "", "File to write output to (optional)") - flag.BoolVar(&options.VHost, "vhost", false, "Check for VHOSTs") - flag.BoolVar(&options.VHostInput, "vhost-input", false, "Get a list of vhosts as input") - flag.BoolVar(&options.ExtractTitle, "title", false, "Display page title") - flag.BoolVar(&options.StatusCode, "status-code", false, "Display HTTP response status code") - flag.BoolVar(&options.Location, "location", false, "Display location header") - flag.Var(&options.CustomHeaders, "H", "Custom Header to send with request") - flag.Var(&options.CustomPorts, "ports", "Port ranges to scan (nmap syntax: eg 1,2-10,11)") - flag.BoolVar(&options.ContentLength, "content-length", false, "Display HTTP response content length") - flag.BoolVar(&options.StoreResponse, "sr", false, "Store HTTP response to directory (default 'output')") - flag.StringVar(&options.StoreResponseDir, "srd", "output", "Custom directory to store HTTP responses") - flag.BoolVar(&options.FollowRedirects, "follow-redirects", false, "Follow HTTP Redirects") - flag.BoolVar(&options.FollowHostRedirects, "follow-host-redirects", false, "Only Follow redirects on the same host") - flag.IntVar(&options.MaxRedirects, "max-redirects", 10, "Max number of redirects to follow per host") - flag.StringVar(&options.HTTPProxy, "http-proxy", "", "HTTP Proxy, eg http://127.0.0.1:8080") - flag.BoolVar(&options.JSONOutput, "json", false, "Display output in JSON format") - flag.BoolVar(&options.CSVOutput, "csv", false, "Display output in CSV format") - flag.StringVar(&options.InputFile, "l", "", "Input file containing list of hosts to process") - flag.StringVar(&options.Methods, "x", "", "Request Methods to use, use 'all' to probe all HTTP methods") - flag.BoolVar(&options.OutputMethod, "method", false, "Display request method") - flag.BoolVar(&options.Silent, "silent", false, "Silent mode") - flag.BoolVar(&options.Version, "version", false, "Show version of httpx") - flag.BoolVar(&options.Verbose, "verbose", false, "Verbose Mode") - flag.BoolVar(&options.NoColor, "no-color", false, "Disable colored output") - flag.BoolVar(&options.OutputServerHeader, "web-server", false, "Display server header") - flag.BoolVar(&options.OutputWebSocket, "websocket", false, "Display server using websocket") - flag.BoolVar(&options.responseInStdout, "response-in-json", false, "Show Raw HTTP response In Output (-json only) (deprecated)") - flag.BoolVar(&options.responseInStdout, "include-response", false, "Show Raw HTTP response In Output (-json only)") - flag.BoolVar(&options.chainInStdout, "include-chain", false, "Show Raw HTTP Chain In Output (-json only)") - flag.BoolVar(&options.TLSProbe, "tls-probe", false, "Send HTTP probes on the extracted TLS domains") - flag.BoolVar(&options.CSPProbe, "csp-probe", false, "Send HTTP probes on the extracted CSP domains") - flag.StringVar(&options.RequestURI, "path", "", "Request path/file (example '/api')") - flag.StringVar(&options.RequestURIs, "paths", "", "Command separated paths or file containing one path per line (example '/api/v1,/apiv2')") - flag.BoolVar(&options.OutputContentType, "content-type", false, "Display content-type header") - flag.StringVar(&options.OutputMatchStatusCode, "mc", "", "Match response with specific status code (-mc 200,302)") - flag.StringVar(&options.OutputMatchContentLength, "ml", "", "Match response with specific content length (-ml 102)") - flag.StringVar(&options.OutputFilterStatusCode, "fc", "", "Filter response with specific status code (-fc 403,401)") - flag.StringVar(&options.OutputFilterContentLength, "fl", "", "Filter response with specific content length (-fl 23)") - flag.StringVar(&options.InputRawRequest, "request", "", "File containing raw request") - flag.BoolVar(&options.Unsafe, "unsafe", false, "Send raw requests skipping golang normalization") - flag.StringVar(&options.RequestBody, "body", "", "Content to send in body with HTTP request") - flag.BoolVar(&options.Debug, "debug", false, "Debug mode") - flag.BoolVar(&options.Pipeline, "pipeline", false, "HTTP1.1 Pipeline probe") - flag.BoolVar(&options.HTTP2Probe, "http2", false, "HTTP2 probe") - flag.BoolVar(&options.OutputIP, "ip", false, "Display Host IP") - flag.StringVar(&options.OutputFilterString, "filter-string", "", "Filter response with specific string") - flag.StringVar(&options.OutputMatchString, "match-string", "", "Match response with specific string") - flag.StringVar(&options.OutputFilterRegex, "filter-regex", "", "Filter response with specific regex") - flag.StringVar(&options.OutputMatchRegex, "match-regex", "", "Match response with specific regex") - flag.BoolVar(&options.OutputCName, "cname", false, "Display Host cname") - flag.BoolVar(&options.OutputCDN, "cdn", false, "Display CDN") - flag.BoolVar(&options.OutputResponseTime, "response-time", false, "Display the response time") - flag.BoolVar(&options.NoFallback, "no-fallback", false, "Probe both protocol (HTTPS and HTTP)") - flag.BoolVar(&options.NoFallbackScheme, "no-fallback-scheme", false, "Probe with input protocol scheme") - flag.BoolVar(&options.ShowStatistics, "stats", false, "Enable statistic on keypress (terminal may become unresponsive till the end)") - flag.BoolVar(&options.RandomAgent, "random-agent", true, "Use randomly selected HTTP User-Agent header value") - flag.BoolVar(&options.StoreChain, "store-chain", false, "Save chain to file (default 'output')") - flag.Var(&options.Allow, "allow", "Allow list of IP/CIDR's to process (file or comma separated)") - flag.Var(&options.Deny, "deny", "Deny list of IP/CIDR's to process (file or comma separated)") - flag.IntVar(&options.MaxResponseBodySizeToSave, "response-size-to-save", math.MaxInt32, "Max response size to save in bytes (default - unlimited)") - flag.IntVar(&options.MaxResponseBodySizeToRead, "response-size-to-read", math.MaxInt32, "Max response size to read in bytes (default - unlimited)") - flag.StringVar(&options.OutputExtractRegex, "extract-regex", "", "Display response content with matched regex") - flag.IntVar(&options.RateLimit, "rate-limit", 150, "Maximum requests to send per second") - flag.BoolVar(&options.Probe, "probe", false, "Display probe status") - flag.BoolVar(&options.Resume, "resume", false, "Resume scan using resume.cfg") - flag.BoolVar(&options.ExcludeCDN, "exclude-cdn", false, "Skip full port scans for CDNs (only checks for 80,443)") - flag.IntVar(&options.HostMaxErrors, "max-host-error", 30, "Max error count per host before skipping remaining path/s") + flagSet := goflags.NewFlagSet() + flagSet.SetDescription(`httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using [retryablehttp](https://github.com/projectdiscovery/retryablehttp-go) library, it is designed to maintain the result reliability with increased threads.`) - flag.Parse() + createGroup(flagSet, "input", "Target", + flagSet.BoolVar(&options.VHostInput, "vhost-input", false, "Get a list of vhosts as input"), + flagSet.Var(&options.CustomHeaders, "H", "Custom Header to send with request"), + flagSet.Var(&options.CustomPorts, "ports", "Port ranges to scan (nmap syntax: eg 1,2-10,11)"), + flagSet.StringVar(&options.HTTPProxy, "http-proxy", "", "HTTP Proxy, eg http://127.0.0.1:8080"), + flagSet.StringVar(&options.InputFile, "l", "", "Input file containing list of hosts to process"), + flagSet.StringVar(&options.Methods, "x", "", "Request Methods to use, use 'all' to probe all HTTP methods"), + flagSet.StringVar(&options.RequestURI, "path", "", "Request path/file (example '/api')"), + flagSet.StringVar(&options.RequestURIs, "paths", "", "Command separated paths or file containing one path per line (example '/api/v1,/apiv2')"), + flagSet.StringVar(&options.RequestBody, "body", "", "Content to send in body with HTTP request"), + ) + createGroup(flagSet, "template", "Template", + flagSet.BoolVar(&options.TLSGrab, "tls-grab", false, "Perform TLS(SSL) data grabbing"), + flagSet.BoolVar(&options.TechDetect, "tech-detect", false, "Perform wappalyzer based technology detection"), + flagSet.IntVar(&options.Threads, "threads", 50, "Number of threads"), + flagSet.IntVar(&options.Retries, "retries", 0, "Number of retries"), + flagSet.IntVar(&options.Timeout, "timeout", 5, "Timeout in seconds"), + flagSet.BoolVar(&options.VHost, "vhost", false, "Check for VHOSTs"), + flagSet.BoolVar(&options.FollowRedirects, "follow-redirects", false, "Follow HTTP Redirects"), + flagSet.BoolVar(&options.FollowHostRedirects, "follow-host-redirects", false, "Only Follow redirects on the same host"), + flagSet.IntVar(&options.MaxRedirects, "max-redirects", 10, "Max number of redirects to follow per host"), + flagSet.BoolVar(&options.TLSProbe, "tls-probe", false, "Send HTTP probes on the extracted TLS domains"), + flagSet.BoolVar(&options.CSPProbe, "csp-probe", false, "Send HTTP probes on the extracted CSP domains"), + flagSet.BoolVar(&options.Unsafe, "unsafe", false, "Send raw requests skipping golang normalization"), + flagSet.BoolVar(&options.Pipeline, "pipeline", false, "HTTP1.1 Pipeline probe"), + flagSet.BoolVar(&options.HTTP2Probe, "http2", false, "HTTP2 probe"), + flagSet.BoolVar(&options.NoFallback, "no-fallback", false, "Probe both protocol (HTTPS and HTTP)"), + flagSet.BoolVar(&options.NoFallbackScheme, "no-fallback-scheme", false, "Probe with input protocol scheme"), + flagSet.BoolVar(&options.RandomAgent, "random-agent", true, "Use randomly selected HTTP User-Agent header value"), + flagSet.Var(&options.Allow, "allow", "Allow list of IP/CIDR's to process (file or comma separated)"), + flagSet.Var(&options.Deny, "deny", "Deny list of IP/CIDR's to process (file or comma separated)"), + flagSet.IntVar(&options.MaxResponseBodySizeToSave, "response-size-to-save", math.MaxInt32, "Max response size to save in bytes (default - unlimited)"), + flagSet.IntVar(&options.MaxResponseBodySizeToRead, "response-size-to-read", math.MaxInt32, "Max response size to read in bytes (default - unlimited)"), + flagSet.BoolVar(&options.Resume, "resume", false, "Resume scan using resume.cfg"), + flagSet.BoolVar(&options.ExcludeCDN, "exclude-cdn", false, "Skip full port scans for CDNs (only checks for 80,443)"), + flagSet.IntVar(&options.HostMaxErrors, "max-host-error", 30, "Max error count per host before skipping remaining path/s"), + ) + + createGroup(flagSet, "filters", "Filtering", + flagSet.StringVar(&options.OutputMatchStatusCode, "mc", "", "Match response with specific status code (-mc 200,302)"), + flagSet.StringVar(&options.OutputMatchContentLength, "ml", "", "Match response with specific content length (-ml 102)"), + flagSet.StringVar(&options.OutputFilterStatusCode, "fc", "", "Filter response with specific status code (-fc 403,401)"), + flagSet.StringVar(&options.OutputFilterContentLength, "fl", "", "Filter response with specific content length (-fl 23)"), + flagSet.StringVar(&options.OutputFilterString, "filter-string", "", "Filter response with specific string"), + flagSet.StringVar(&options.OutputMatchString, "match-string", "", "Match response with specific string"), + flagSet.StringVar(&options.OutputFilterRegex, "filter-regex", "", "Filter response with specific regex"), + flagSet.StringVar(&options.OutputMatchRegex, "match-regex", "", "Match response with specific regex"), + flagSet.StringVar(&options.OutputExtractRegex, "extract-regex", "", "Display response content with matched regex"), + ) + + createGroup(flagSet, "rate-limit", "Rate-limit", + flagSet.IntVar(&options.RateLimit, "rate-limit", 150, "Maximum requests to send per second"), + ) + + createGroup(flagSet, "output", "Output", + flagSet.StringVar(&options.Output, "o", "", "File to write output to (optional)"), + flagSet.BoolVar(&options.StatusCode, "status-code", false, "Display HTTP response status code"), + flagSet.BoolVar(&options.ExtractTitle, "title", false, "Display page title"), + flagSet.BoolVar(&options.Location, "location", false, "Display location header"), + flagSet.BoolVar(&options.ContentLength, "content-length", false, "Display HTTP response content length"), + flagSet.BoolVar(&options.StoreResponse, "sr", false, "Store HTTP response to directory (default 'output')"), + flagSet.StringVar(&options.StoreResponseDir, "srd", "output", "Custom directory to store HTTP responses"), + flagSet.BoolVar(&options.JSONOutput, "json", false, "Display output in JSON format"), + flagSet.BoolVar(&options.CSVOutput, "csv", false, "Display output in CSV format"), + flagSet.BoolVar(&options.OutputMethod, "method", false, "Display request method"), + flagSet.BoolVar(&options.Silent, "silent", false, "Silent mode"), + flagSet.BoolVar(&options.Version, "version", false, "Show version of httpx"), + flagSet.BoolVar(&options.Verbose, "verbose", false, "Verbose Mode"), + flagSet.BoolVar(&options.NoColor, "no-color", false, "Disable colored output"), + flagSet.BoolVar(&options.OutputServerHeader, "web-server", false, "Display server header"), + flagSet.BoolVar(&options.OutputWebSocket, "websocket", false, "Display server using websocket"), + flagSet.BoolVar(&options.responseInStdout, "response-in-json", false, "Show Raw HTTP response In Output (-json only) (deprecated)"), + flagSet.BoolVar(&options.responseInStdout, "include-response", false, "Show Raw HTTP response In Output (-json only)"), + flagSet.BoolVar(&options.chainInStdout, "include-chain", false, "Show Raw HTTP Chain In Output (-json only)"), + flagSet.BoolVar(&options.OutputContentType, "content-type", false, "Display content-type header"), + flagSet.BoolVar(&options.OutputIP, "ip", false, "Display Host IP"), + flagSet.StringVar(&options.InputRawRequest, "request", "", "File containing raw request"), + flagSet.BoolVar(&options.Debug, "debug", false, "Debug mode"), + flagSet.BoolVar(&options.OutputCName, "cname", false, "Display Host cname"), + flagSet.BoolVar(&options.OutputCDN, "cdn", false, "Display CDN"), + flagSet.BoolVar(&options.OutputResponseTime, "response-time", false, "Display the response time"), + flagSet.BoolVar(&options.ShowStatistics, "stats", false, "Enable statistic on keypress (terminal may become unresponsive till the end)"), + flagSet.BoolVar(&options.StoreChain, "store-chain", false, "Save chain to file (default 'output')"), + flagSet.BoolVar(&options.Probe, "probe", false, "Display probe status"), + ) + flagSet.Parse() // Read the inputs and configure the logging options.configureOutput() @@ -366,3 +380,10 @@ func (options *Options) ShouldLoadResume() bool { func (options *Options) ShouldSaveResume() bool { return true } + +func createGroup(flagSet *goflags.FlagSet, groupName, description string, flags ...*goflags.FlagData) { + flagSet.SetGroup(groupName, description) + for _, currentFlag := range flags { + currentFlag.Group(groupName) + } +}