HExHTTP is a tool designed to perform tests on HTTP headers and analyze the
results to identify vulnerabilities and interesting behaviors.
Features
- Server Error response checking
- Localhost header response analysis
- Vhosts checking
- Methods response analysis
- HTTP Version analysis [Experimental]
- Cache Poisoning DoS (CPDoS) techniques
- Web cache poisoning
- Range poisoning/error (416 response error) [Experimental]
- Cookie Reflection
- CDN/proxies Analysis (Envoy/Apache/Akamai/Nginx) [IP]
Installation
Python
pip install -r requirements.txt ./hexhttp.py -u 'https://target.tld/' # OR python3 hexhttp.py -u 'https://target.tld/''
Docker
docker build -t hexhttp:latest . docker run --rm -it --net=host -v "$PWD:/hexhttp/" hexhttp:latest -u 'https://target.tld/'
Usage
Usage: hexhttp.py [-h] [-u URL] [-f URL_FILE] [-H CUSTOM_HEADER] [-A USER_AGENT] [-F] [-a AUTH] [-b]
HExHTTP is a tool designed to perform tests on HTTP headers.
options:
-h, --help show this help message and exit
-u URL, --url URL URL to test [required]
-f URL_FILE, --file URL_FILE
File of URLs
-H CUSTOM_HEADER, --header CUSTOM_HEADER
Add a custom HTTP Header
-A USER_AGENT, --user-agent USER_AGENT
Add a custom User Agent
-F, --full Display the full HTTP Header
-a AUTH, --auth AUTH Add an HTTP authentication. Ex: --auth admin:admin
-b, --behavior Activates a simplified version of verbose, highlighting interesting cache behaviors
-hu HUMANS, --humans HUMANS
Performs a timesleep to reproduce human behavior (Default: 0s) value: "r" or "random"
-t THREADS, --threads THREADS
Threads numbers for multiple URLs. Default: 10
-l LOG, --log LOG Set the logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
-L LOG_FILE, --log-file LOG_FILE
The file path pattern for the log file. Default: logs/
-v, --verbose Increase verbosity (can be used multiple times)
