{"id":24708372,"url":"https://github.com/surface-security/httpx","last_synced_at":"2025-03-22T06:14:24.859Z","repository":{"id":43829696,"uuid":"458167696","full_name":"surface-security/httpx","owner":"surface-security","description":"httpx fork specifically to work for Surface Security","archived":false,"fork":false,"pushed_at":"2024-03-07T12:24:15.000Z","size":4484,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-27T06:34:37.318Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/surface-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-02-11T11:56:10.000Z","updated_at":"2023-04-10T12:35:57.000Z","dependencies_parsed_at":"2025-01-27T06:41:56.057Z","dependency_job_id":null,"html_url":"https://github.com/surface-security/httpx","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fhttpx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fhttpx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fhttpx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fhttpx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/surface-security","download_url":"https://codeload.github.com/surface-security/httpx/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244913328,"owners_count":20530817,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-27T06:31:40.042Z","updated_at":"2025-03-22T06:14:24.837Z","avatar_url":"https://github.com/surface-security.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n \u003cimg src=\"static/httpx-logo.png\" alt=\"httpx\" width=\"200px\"\u003e\n \u003cbr\u003e\n\u003c/h1\u003e\n\n\n\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://opensource.org/licenses/MIT\"\u003e\u003cimg src=\"https://img.shields.io/badge/license-MIT-_red.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://goreportcard.com/badge/github.com/projectdiscovery/httpx\"\u003e\u003cimg src=\"https://goreportcard.com/badge/github.com/projectdiscovery/httpx\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/projectdiscovery/httpx/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/release/projectdiscovery/httpx\"\u003e\u003c/a\u003e\n\u003ca href=\"https://hub.docker.com/r/projectdiscovery/httpx\"\u003e\u003cimg src=\"https://img.shields.io/docker/pulls/projectdiscovery/httpx.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://twitter.com/pdiscoveryio\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/pdiscoveryio.svg?logo=twitter\"\u003e\u003c/a\u003e\n\u003ca href=\"https://discord.gg/projectdiscovery\"\u003e\u003cimg src=\"https://img.shields.io/discord/695645237418131507.svg?logo=discord\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003ca href=\"#features\"\u003eFeatures\u003c/a\u003e •\n \u003ca href=\"#installation-instructions\"\u003eInstallation\u003c/a\u003e •\n \u003ca href=\"#usage\"\u003eUsage\u003c/a\u003e •\n \u003ca href=\"#running-httpx\"\u003eRunning httpx\u003c/a\u003e •\n \u003ca href=\"#notes\"\u003eNotes\u003c/a\u003e •\n \u003ca href=\"https://discord.gg/projectdiscovery\"\u003eJoin Discord\u003c/a\u003e\n\u003c/p\u003e\n\n\n`httpx` is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the [retryablehttp](https://github.com/projectdiscovery/retryablehttp-go) library. It is designed to maintain result reliability with an increased number of threads.\n\n# Features\n\n\u003ch1 align=\"center\"\u003e\n \u003cimg src=\"https://user-images.githubusercontent.com/8293321/135731750-4c1d38b1-bd2a-40f9-88e9-3c4b9f6da378.png\" alt=\"httpx\" width=\"700px\"\u003e\n \u003cbr\u003e\n\u003c/h1\u003e\n\n - Simple and modular code base making it easy to contribute.\n - Fast And fully configurable flags to probe multiple elements.\n - Supports multiple HTTP based probings.\n - Smart auto fallback from https to http as default. \n - Supports hosts, URLs and CIDR as input.\n - Handles edge cases doing retries, backoffs etc for handling WAFs.\n\n### Supported probes\n\n| Probes | Default check | Probes | Default check |\n|-----------------|---------------|----------------|---------------|\n| URL | true | IP | true |\n| Title | true | CNAME | true |\n| Status Code | true | Raw HTTP | false |\n| Content Length | true | HTTP2 | false |\n| TLS Certificate | true | HTTP Pipeline | false |\n| CSP Header | true | Virtual host | false |\n| Line Count | true | Word Count | true |\n| Location Header | true | CDN | false |\n| Web Server | true | Paths | false |\n| Web Socket | true | Ports | false |\n| Response Time | true | Request Method | true |\n| Favicon Hash | false | Probe Status | false |\n| Body Hash | true | Header Hash | true |\n| Redirect chain | false | URL Scheme | true |\n| JARM Hash | false | ASN | false |\n\n# Installation Instructions\n\n`httpx` requires **go1.19** to install successfully. Run the following command to get the repo:\n\n```sh\ngo install -v github.com/projectdiscovery/httpx/cmd/httpx@latest\n```\n\n# Usage\n\n```sh\nhttpx -h\n```\n\nThis will display help for the tool. Here are all the switches it supports.\n\n\n```console\nUsage:\n ./httpx [flags]\n\nFlags:\nINPUT:\n -l, -list string input file containing list of hosts to process\n -rr, -request string file containing raw request\n -u, -target string[] input target host(s) to probe\n\nPROBES:\n -sc, -status-code display response status-code\n -cl, -content-length display response content-length\n -ct, -content-type display response content-type\n -location display response redirect location\n -favicon display mmh3 hash for '/favicon.ico' file\n -hash string display response body hash (supported: md5,mmh3,simhash,sha1,sha256,sha512)\n -jarm display jarm fingerprint hash\n -rt, -response-time display response time\n -lc, -line-count display response body line count\n -wc, -word-count display response body word count\n -title display page title\n -server, -web-server display server name\n -td, -tech-detect display technology in use based on wappalyzer dataset\n -method display http request method\n -websocket display server using websocket\n -ip display host ip\n -cname display host cname\n -asn display host asn information\n -cdn display cdn in use\n -probe display probe status\n\nMATCHERS:\n -mc, -match-code string match response with specified status code (-mc 200,302)\n -ml, -match-length string match response with specified content length (-ml 100,102)\n -mlc, -match-line-count string match response body with specified line count (-mlc 423,532)\n -mwc, -match-word-count string match response body with specified word count (-mwc 43,55)\n -mfc, -match-favicon string[] match response with specified favicon hash (-mfc 1494302000)\n -ms, -match-string string match response with specified string (case insensitive) (-ms admin)\n -mr, -match-regex string match response with specified regex (-mr admin)\n -mcdn, -match-cdn string[] match host with specified cdn provider (oracle, google, azure, cloudflare, cloudfront, fastly, incapsula, leaseweb, akamai, sucuri)\n -mrt, -match-response-time string match response with specified response time in seconds (-mrt '\u003c 1')\n -mdc, -match-condition string match response with dsl expression condition\n\nEXTRACTOR:\n -er, -extract-regex string[] display response content with matched regex\n -ep, -extract-preset string[] display response content matched by a pre-defined regex (url,ipv4,mail)\n\nFILTERS:\n -fc, -filter-code string filter response with specified status code (-fc 403,401)\n -fl, -filter-length string filter response with specified content length (-fl 23,33)\n -flc, -filter-line-count string filter response body with specified line count (-flc 423,532)\n -fwc, -filter-word-count string filter response body with specified word count (-fwc 423,532)\n -ffc, -filter-favicon string[] filter response with specified favicon hash (-mfc 1494302000)\n -fs, -filter-string string filter response with specified string (-fs admin)\n -fe, -filter-regex string filter response with specified regex (-fe admin)\n -fcdn, -filter-cdn string[] filter host with specified cdn provider (oracle, google, azure, cloudflare, cloudfront, fastly, incapsula, leaseweb, akamai, sucuri)\n -frt, -filter-response-time string filter response with specified response time in seconds (-frt '\u003e 1')\n -fdc, -filter-condition string filter response with dsl expression condition\n\nRATE-LIMIT:\n -t, -threads int number of threads to use (default 50)\n -rl, -rate-limit int maximum requests to send per second (default 150)\n -rlm, -rate-limit-minute int maximum number of requests to send per minute\n\nMISCELLANEOUS:\n -pa, -probe-all-ips probe all the ips associated with same host\n -p, -ports string[] ports to probe (nmap syntax: eg http:1,2-10,11,https:80)\n -path string path or list of paths to probe (comma-separated, file)\n -tls-probe send http probes on the extracted TLS domains (dns_name)\n -csp-probe send http probes on the extracted CSP domains\n -tls-grab perform TLS(SSL) data grabbing\n -pipeline probe and display server supporting HTTP1.1 pipeline\n -http2 probe and display server supporting HTTP2\n -vhost probe and display server supporting VHOST\n -ldv, -list-dsl-variables list json output field keys name that support dsl matcher/filter\n\nOUTPUT:\n -o, -output string file to write output results\n -sr, -store-response store http response to output directory\n -srd, -store-response-dir string store http response to custom directory\n -csv store output in csv format\n -csvo, -csv-output-encoding string define output encoding\n -json store output in JSONL(ines) format\n -irr, -include-response include http request/response in JSON output (-json only)\n -irrb, -include-response-base64 include base64 encoded http request/response in JSON output (-json only)\n -include-chain include redirect http chain in JSON output (-json only)\n -store-chain include http redirect chain in responses (-sr only)\n\nCONFIGURATIONS:\n -r, -resolvers string[] list of custom resolver (file or comma separated)\n -allow string[] allowed list of IP/CIDR's to process (file or comma separated)\n -deny string[] denied list of IP/CIDR's to process (file or comma separated)\n -sni, -sni-name string custom TLS SNI name\n -random-agent enable Random User-Agent to use (default true)\n -H, -header string[] custom http headers to send with request\n -http-proxy, -proxy string http proxy to use (eg http://127.0.0.1:8080)\n -unsafe send raw requests skipping golang normalization\n -resume resume scan using resume.cfg\n -fr, -follow-redirects follow http redirects\n -maxr, -max-redirects int max number of redirects to follow per host (default 10)\n -fhr, -follow-host-redirects follow redirects on the same host\n -vhost-input get a list of vhosts as input\n -x string request methods to probe, use 'all' to probe all HTTP methods\n -body string post body to include in http request\n -s, -stream stream mode - start elaborating input targets without sorting\n -sd, -skip-dedupe disable dedupe input items (only used with stream mode)\n -ldp, -leave-default-ports leave default http/https ports in host header (eg. http://host:80 - https//host:443\n -ztls use ztls library with autofallback to standard one for tls13\n\nDEBUG:\n -health-check, -hc run diagnostic check up\n -debug display request/response content in cli\n -debug-req display request content in cli\n -debug-resp display response content in cli\n -version display httpx version\n -stats display scan statistic\n -profile-mem string optional httpx memory profile dump file\n -silent silent mode\n -v, -verbose verbose mode\n -si, -stats-interval int number of seconds to wait between showing a statistics update (default: 5)\n -nc, -no-color disable colors in cli output\n\nOPTIMIZATIONS:\n -nf, -no-fallback display both probed protocol (HTTPS and HTTP)\n -nfs, -no-fallback-scheme probe with protocol scheme specified in input \n -maxhr, -max-host-error int max error count per host before skipping remaining path/s (default 30)\n -ec, -exclude-cdn skip full port scans for CDNs (only checks for 80,443)\n -retries int number of retries\n -timeout int timeout in seconds (default 5)\n -delay duration duration between each http request (eg: 200ms, 1s) (default -1ns)\n -rsts, -response-size-to-save int max response size to save in bytes (default 2147483647)\n -rstr, -response-size-to-read int max response size to read in bytes (default 2147483647)\n```\n\n# Running httpX\n\n### URL Probe\n\nThis will run the tool against all the hosts and subdomains in `hosts.txt` and returns URLs running HTTP webserver. \n\n```console\ncat hosts.txt | httpx \n\n __ __ __ _ __\n / /_ / /_/ /_____ | |/ /\n / __ \\/ __/ __/ __ \\| / \n / / / / /_/ /_/ /_/ / | \n/_/ /_/\\__/\\__/ .___/_/|_| v1.1.1 \n /_/ \n\n projectdiscovery.io\n\n[WRN] Use with caution. You are responsible for your actions\n[WRN] Developers assume no liability and are not responsible for any misuse or damage.\n\nhttps://mta-sts.managed.hackerone.com\nhttps://mta-sts.hackerone.com\nhttps://mta-sts.forwarding.hackerone.com\nhttps://docs.hackerone.com\nhttps://www.hackerone.com\nhttps://resources.hackerone.com\nhttps://api.hackerone.com\nhttps://support.hackerone.com\n```\n\n### File Input\n\nThis will run the tool with the `-probe` flag against all the hosts in **hosts.txt** and return URLs with probed status.\n\n```console\nhttpx -list hosts.txt -silent -probe\n\nhttp://ns.hackerone.com [FAILED]\nhttps://docs.hackerone.com [SUCCESS]\nhttps://mta-sts.hackerone.com [SUCCESS]\nhttps://mta-sts.managed.hackerone.com [SUCCESS]\nhttp://email.hackerone.com [FAILED]\nhttps://mta-sts.forwarding.hackerone.com [SUCCESS]\nhttp://links.hackerone.com [FAILED]\nhttps://api.hackerone.com [SUCCESS]\nhttps://www.hackerone.com [SUCCESS]\nhttp://events.hackerone.com [FAILED]\nhttps://support.hackerone.com [SUCCESS]\nhttps://gslink.hackerone.com [SUCCESS]\nhttp://o1.email.hackerone.com [FAILED]\nhttp://info.hackerone.com [FAILED]\nhttps://resources.hackerone.com [SUCCESS]\nhttp://o2.email.hackerone.com [FAILED]\nhttp://o3.email.hackerone.com [FAILED]\nhttp://go.hackerone.com [FAILED]\nhttp://a.ns.hackerone.com [FAILED]\nhttp://b.ns.hackerone.com [FAILED]\n```\n\n### CIDR Input \n\n```console\necho 173.0.84.0/24 | httpx -silent\n\nhttps://173.0.84.29\nhttps://173.0.84.43\nhttps://173.0.84.31\nhttps://173.0.84.44\nhttps://173.0.84.12\nhttps://173.0.84.4\nhttps://173.0.84.36\nhttps://173.0.84.45\nhttps://173.0.84.14\nhttps://173.0.84.25\nhttps://173.0.84.46\nhttps://173.0.84.24\nhttps://173.0.84.32\nhttps://173.0.84.9\nhttps://173.0.84.13\nhttps://173.0.84.6\nhttps://173.0.84.16\nhttps://173.0.84.34\n```\n### AS Number Input\n```console\necho AS14421 | httpx -silent\n\nhttps://216.101.17.248\nhttps://216.101.17.249\nhttps://216.101.17.250\nhttps://216.101.17.251\nhttps://216.101.17.252\n```\n\n### Tool Chain\n\n\n```console\nsubfinder -d hackerone.com -silent| httpx -title -tech-detect -status-code\n\n __ __ __ _ __\n / /_ / /_/ /_____ | |/ /\n / __ \\/ __/ __/ __ \\| /\n / / / / /_/ /_/ /_/ / |\n/_/ /_/\\__/\\__/ .___/_/|_|\n /_/ v1.1.1\n\n projectdiscovery.io\n\nUse with caution. You are responsible for your actions\nDevelopers assume no liability and are not responsible for any misuse or damage.\nhttps://mta-sts.managed.hackerone.com [404] [Page not found · GitHub Pages] [Varnish,GitHub Pages,Ruby on Rails]\nhttps://mta-sts.hackerone.com [404] [Page not found · GitHub Pages] [Varnish,GitHub Pages,Ruby on Rails]\nhttps://mta-sts.forwarding.hackerone.com [404] [Page not found · GitHub Pages] [GitHub Pages,Ruby on Rails,Varnish]\nhttps://docs.hackerone.com [200] [HackerOne Platform Documentation] [Ruby on Rails,jsDelivr,Gatsby,React,webpack,Varnish,GitHub Pages]\nhttps://support.hackerone.com [301,302,301,200] [HackerOne] [Cloudflare,Ruby on Rails,Ruby]\nhttps://resources.hackerone.com [301,301,404] [Sorry, no Folders found.]\n```\n\n### Favicon Hash\n\n\n```console\nsubfinder -d hackerone.com -silent | httpx -favicon\n\n __ __ __ _ __\n / /_ / /_/ /_____ | |/ /\n / __ \\/ __/ __/ __ \\| /\n / / / / /_/ /_/ /_/ / |\n/_/ /_/\\__/\\__/ .___/_/|_|\n /_/ v1.1.5\n\n projectdiscovery.io\n\nUse with caution. You are responsible for your actions.\nDevelopers assume no liability and are not responsible for any misuse or damage.\nhttps://docs.hackerone.com/favicon.ico [595148549]\nhttps://hackerone.com/favicon.ico [595148549]\nhttps://mta-sts.managed.hackerone.com/favicon.ico [-1700323260]\nhttps://mta-sts.forwarding.hackerone.com/favicon.ico [-1700323260]\nhttps://support.hackerone.com/favicon.ico [-1279294674]\nhttps://gslink.hackerone.com/favicon.ico [1506877856]\nhttps://resources.hackerone.com/favicon.ico [-1840324437]\nhttps://api.hackerone.com/favicon.ico [566218143]\nhttps://mta-sts.hackerone.com/favicon.ico [-1700323260]\nhttps://www.hackerone.com/favicon.ico [778073381]\n```\n\n### [JARM Fingerprint](https://github.com/salesforce/jarm)\n\n\n```console\nsubfinder -d hackerone.com -silent | httpx -jarm\n __ __ __ _ __\n / /_ / /_/ /_____ | |/ /\n / __ \\/ __/ __/ __ \\| /\n / / / / /_/ /_/ /_/ / |\n/_/ /_/\\__/\\__/ .___/_/|_|\n /_/ v1.2.1\n\n projectdiscovery.io\n\nUse with caution. You are responsible for your actions.\nDevelopers assume no liability and are not responsible for any misuse or damage.\nhttps://www.hackerone.com [29d3dd00029d29d00042d43d00041d5de67cc9954cc85372523050f20b5007]\nhttps://mta-sts.hackerone.com [29d29d00029d29d00042d43d00041d2aa5ce6a70de7ba95aef77a77b00a0af]\nhttps://mta-sts.managed.hackerone.com [29d29d00029d29d00042d43d00041d2aa5ce6a70de7ba95aef77a77b00a0af]\nhttps://docs.hackerone.com [29d29d00029d29d00042d43d00041d2aa5ce6a70de7ba95aef77a77b00a0af]\nhttps://support.hackerone.com [29d3dd00029d29d00029d3dd29d29d5a74e95248e58a6162e37847a24849f7]\nhttps://api.hackerone.com [29d3dd00029d29d00042d43d00041d5de67cc9954cc85372523050f20b5007]\nhttps://mta-sts.forwarding.hackerone.com [29d29d00029d29d00042d43d00041d2aa5ce6a70de7ba95aef77a77b00a0af]\nhttps://resources.hackerone.com [2ad2ad0002ad2ad0002ad2ad2ad2ad043bfbd87c13813505a1b60adf4f6ff5]\n```\n\n### ASN Fingerprint\n\n\n```console\nsubfinder -d hackerone.com -silent | httpx -asn\n __ __ __ _ __\n / /_ / /_/ /_____ | |/ /\n / __ \\/ __/ __/ __ \\| /\n / / / / /_/ /_/ /_/ / |\n/_/ /_/\\__/\\__/ .___/_/|_|\n /_/ v1.2.1\n\n projectdiscovery.io\n\nUse with caution. You are responsible for your actions.\nDevelopers assume no liability and are not responsible for any misuse or damage.\nhttps://mta-sts.managed.hackerone.com [AS54113, FASTLY, US]\nhttps://gslink.hackerone.com [AS16509, AMAZON-02, US]\nhttps://www.hackerone.com [AS13335, CLOUDFLARENET, US]\nhttps://mta-sts.forwarding.hackerone.com [AS54113, FASTLY, US]\nhttps://resources.hackerone.com [AS16509, AMAZON-02, US]\nhttps://support.hackerone.com [AS13335, CLOUDFLARENET, US]\nhttps://mta-sts.hackerone.com [AS54113, FASTLY, US]\nhttps://docs.hackerone.com [AS54113, FASTLY, US]\nhttps://api.hackerone.com [AS13335, CLOUDFLARENET, US]\n```\n\n\n### File/Path Bruteforce\n\n\n```console\nhttpx -l urls.txt -path /v1/api -sc\n\n __ __ __ _ __\n / /_ / /_/ /_____ | |/ /\n / __ \\/ __/ __/ __ \\| /\n / / / / /_/ /_/ /_/ / |\n/_/ /_/\\__/\\__/ .___/_/|_|\n /_/ v1.1.5\n\n projectdiscovery.io\n\nUse with caution. You are responsible for your actions.\nDevelopers assume no liability and are not responsible for any misuse or damage.\nhttps://mta-sts.managed.hackerone.com/v1/api [404]\nhttps://mta-sts.hackerone.com/v1/api [404]\nhttps://mta-sts.forwarding.hackerone.com/v1/api [404]\nhttps://docs.hackerone.com/v1/api [404]\nhttps://api.hackerone.com/v1/api [401]\nhttps://hackerone.com/v1/api [302]\nhttps://support.hackerone.com/v1/api [404]\nhttps://resources.hackerone.com/v1/api [301]\nhttps://gslink.hackerone.com/v1/api [404]\nhttp://www.hackerone.com/v1/api [301]\n```\n\n### Docker Run\n\n```console\ncat sub_domains.txt | docker run -i projectdiscovery/httpx\n\n __ __ __ _ __\n / /_ / /_/ /_____ | |/ /\n / __ \\/ __/ __/ __ \\| /\n / / / / /_/ /_/ /_/ / |\n/_/ /_/\\__/\\__/ .___/_/|_|\n /_/ v1.1.2\n\n projectdiscovery.io\n\nUse with caution. You are responsible for your actions\nDevelopers assume no liability and are not responsible for any misuse or damage.\nhttps://mta-sts.forwarding.hackerone.com\nhttps://mta-sts.hackerone.com\nhttps://mta-sts.managed.hackerone.com\nhttps://www.hackerone.com\nhttps://api.hackerone.com\nhttps://gslink.hackerone.com\nhttps://resources.hackerone.com\nhttps://docs.hackerone.com\nhttps://support.hackerone.com\n```\n\n### Using `httpx` as a library\n`httpx` can be used as a library by creating an instance of the `Option` struct and populating it with the same options that would be specified via CLI. Once validated, the struct should be passed to a runner instance (to be closed at the end of the program) and the `RunEnumeration` method should be called. Here follows a minimal example of how to do it:\n\n```go\npackage main\n\nimport (\n\t\"log\"\n\n\t\"github.com/projectdiscovery/goflags\"\n\t\"github.com/projectdiscovery/gologger\"\n\t\"github.com/projectdiscovery/gologger/levels\"\n\t\"github.com/projectdiscovery/httpx/runner\"\n)\n\nfunc main() {\n\tgologger.DefaultLogger.SetMaxLevel(levels.LevelVerbose) // increase the verbosity (optional)\n\n\toptions := runner.Options{\n\t\tMethods: \"GET\",\n\t\tInputTargetHost: goflags.StringSlice{\"scanme.sh\", \"projectdiscovery.io\"},\n\t\t//InputFile: \"./targetDomains.txt\", // path to file containing the target domains list \n\t}\n\n\tif err := options.ValidateOptions(); err != nil {\n\t\tlog.Fatal(err)\n\t}\n\n\thttpxRunner, err := runner.New(\u0026options)\n\tif err != nil {\n\t\tlog.Fatal(err)\n\t}\n\tdefer httpxRunner.Close()\n\n\thttpxRunner.RunEnumeration()\n}\n```\n\n\n# Notes\n\n- As default, `httpx` checks for **HTTPS** probe and fall-back to **HTTP** only if **HTTPS** is not reachable.\n- The `-no-fallback` flag can be used to display both **HTTP** and **HTTPS** results \n- Custom scheme for ports can be defined, for example `-ports http:443,http:80,https:8443`\n- The following flags should be used for specific use cases instead of running them as default with other probes:\n * `-favicon`,`-vhost`, `-http2`, `-pipeline`, `-ports`, `-csp-probe`, `-tls-probe`, `-path`\n- When using the `-json` flag, all the default probe results are included in the JSON output.\n- Custom resolver supports multiple protocol (**doh|tcp|udp**) in form of `protocol:resolver:port` (e.g. `udp:127.0.0.1:53`)\n- Invalid custom resolvers/files are ignored.\n\n# Acknowledgement\n\nProbing feature is inspired by [@tomnomnom/httprobe](https://github.com/tomnomnom/httprobe) work ❤️\n\n\n--------\n\n\u003cdiv align=\"center\"\u003e\n\n`httpx` is made with 💙 by the [projectdiscovery](https://projectdiscovery.io) team and distributed under [MIT License](LICENSE.md).\n\n\n\u003ca href=\"https://discord.gg/projectdiscovery\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/projectdiscovery/nuclei-burp-plugin/main/static/join-discord.png\" width=\"300\" alt=\"Join Discord\"\u003e\u003c/a\u003e\n\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsurface-security%2Fhttpx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsurface-security%2Fhttpx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsurface-security%2Fhttpx/lists"}