Skip to content

Sharp Karambit for Web Domain Crucifixion and Account Takeover.

License

AGPL-3.0, MIT licenses found

Licenses found

AGPL-3.0
LICENSE.md
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

byt3n33dl3/httpX

KarambitCapabilityUsageMaster

httpx

Fast and multi purpose HTTP toolkit that allows running multiple probes using the retryable HTTP library. It is designed to maintain result reliability with an increased number of threads. httpX has been an essential asset in the arsenal of Security professionals and researchers.

httpX / Assessor

    __    __  __       _  __
   / /_  / /_/ /_____ | |/ /
  / __ \/ __/ __/ __ \|   / 
 / / / / /_/ /_/ /_/ /   |  
/_/ /_/\__/\__/ .___/_/|_|v2  
             /_/

httpX

httpX can be used as a library by creating an instance of the Option struct and populating it with the same options that would be specified via CLI. Once validated, the struct should be passed to a runner instance to be closed at the end of the program and the RunEnumeration method should be called.

Sharp Karambit

A CLI software for Web Domain Crucifixion and Account Takeover.

An Open source Penetration Testing tool that automates the process of detecting and exploiting HTTP and HTTPs flaws and taking over of the Insecure Domain services. It comes with a powerful detection engine, many niche features for the ultimate Penetration Tester, and a broad range of switches including Domain fingerprinting, over data fetching from any services, accessing the underlying file systems.

  • Simple and modular code base making it easy to contribute.
  • Fast And fully configurable flags to probe multiple elements.
  • Supports multiple HTTP based probings.
  • Smart auto fallback from https to http as default.
  • Supports hosts, URLs and CIDR as input.
  • Account Takeover
    • Domain Escalation
  • Handles edge cases doing retries, backoffs etc for handling WAFs.
🧛 Disclaimer
This project is in active development. Expect breaking changes with releases. Review the changelog before updating.
This project was primarily built to be used as a standalone CLI tool. Running it as a service may pose security risks. It's recommended to use with caution and additional security measures.

Interface

httpx

Probes

Probes Default check Probes Default check
URL true IP true
Title true CNAME true
Status Code true Raw HTTP true
Content Length true HTTP2 true
TLS Certificate true HTTP Pipeline true
CSP Header true Virtual host true
Line Count true Word Count true
Location Header true CDN true
Web Server true Paths true
Web Socket true Ports true
Response Time true Request Method true
Favicon Hash false Probe Status true
Body Hash true Header Hash true
Redirect chain false URL Scheme true
JARM Hash false ASN true

Notes

  • As default, httpx probe with HTTPs scheme and fall-back to HTTP only if HTTPs is not reachable.
  • The -no-fallback flag can be used to probe and display both HTTP and HTTPs result.
  • Custom scheme for ports can be defined, for example -ports http:443,http:80,https:8443
  • Custom resolver supports multiple protocol (doh|tcp|udp) in form of protocol:resolver:port (e.g. udp:127.0.0.1:53)
  • The following flags should be used for specific use cases instead of running them as default with other probes:
    • -ports
    • -path
    • -vhost
    • -screenshot
    • -csp-probe
    • -tls-probe
    • -favicon
    • -http2
    • -pipeline
    • -tls-impersonate

Credits / main

AGPL / LICENSE

GNU AFFERO GENERAL PUBLIC LICENSE 3.0

The GNU Affero General Public License is a free, copyleft license for software and other kinds of works, specifically designed to ensure cooperation with the community in the case of network server software. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, our General Public Licenses are intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users.