https://github.com/ethicalhackingplayground/hrekt

A really fast http prober.
https://github.com/ethicalhackingplayground/hrekt

Last synced: about 1 month ago
JSON representation

A really fast http prober.

• Host: GitHub
• URL: https://github.com/ethicalhackingplayground/hrekt
• Owner: ethicalhackingplayground
• License: mit
• Created: 2023-04-29T15:53:05.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-02-01T00:54:07.000Z (11 months ago)
• Last Synced: 2024-11-06T08:43:45.991Z (about 1 month ago)
• Language: Rust
• Size: 57.6 KB
• Stars: 39
• Watchers: 1
• Forks: 7
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-offensive-rust - Hrekt - A really fast http prober. (Projects)
• awesome-hacking-lists - ethicalhackingplayground/hrekt - A really fast http prober. (Rust)

README

        
hrekt

  




A really fast http prober.




  

  

  

  

  

  




---



  Install •

  Usage •

  Examples •

  FYI •

  Contributing •

  License •

  Join Discord 



---

## Installation

#### Fresh Installs

```bash

cargo build -r

mv target/release/hrekt /bin/hrekt

```

#### Already been installed

```bash

cargo build -r

mv target/release/hrekt //.cargo/bin/

```

Make sure to replace `` with your username.

or 

#### Installer

```bash

chmod +x install.sh ; ./install.sh

```

## For Windows Users

If you want to install hrekt on Windows, you are required to install `perl` & `rust`

#### Dependencies

- Perl: [https://strawberryperl.com/](https://strawberryperl.com/)

- Rust: [https://www.rust-lang.org/learn/get-started](https://www.rust-lang.org/learn/get-started)]

Then you should be able to run

```bash

cargo install --path .

```

Which will than build and compile the binary to `target/release/hrekt.exe`

Can only be compiled locally right now.

## Usage

```bash

Usage: hrekt [OPTIONS]

Options:

  -r, --rate 

          Maximum in-flight requests per second

          

          [default: 1000]

  -c, --concurrency 

          The amount of concurrent requests

          

          [default: 100]

  -t, --timeout 

          The delay between each request

          

          [default: 3]

  -w, --workers 

          The amount of workers

          

          [default: 1]

  -p, --ports 

          the ports to probe default ports are (80,443)

          

          [default: 80,443]

      --title

          display the page titles

      --tech-detect

          display the technology used

      --status-code

          display the status-codes

      --server

          displays the server

      --content-type

          displays the content type

      --content-length

          displays the content length

  -x, --path 

          probe the specified path

          

          [default: ]

      --body-regex 

          regex to be used to match a specific pattern in the response

          

          [default: ]

      --header-regex 

          regex to be used to match a specific pattern in the header

          

          [default: ]

  -l, --follow-redirects

          follow http redirects

  -q, --silent

          suppress output

  -h, --help

          Print help (see a summary with '-h')

  -V, --version

          Print version

```

---

## Demonstration

[![asciicast](https://asciinema.org/a/XekxthZdgxO5luq7wTDvOxamq.svg)](https://asciinema.org/a/XekxthZdgxO5luq7wTDvOxamq)

---

## Examples

#### Display titles

```bash

cat subs.txt | hrekt --title

```

#### Probe ports

```bash

cat subs.txt | hrekt --ports 443,80,9200 

```

#### Display technologies

```bash

cat subs.txt | hrekt --tech-detect

```

#### Probe the response body

```bash

cat subs.txt | hrekt --body-regex 'href="\/content\/dam.*'

```

#### Probe the headers

```bash

cat subs.txt | hrekt --header-regex 'Server:.*'

```

#### Probe the path

```bash

cat subs.txt | hrekt --path /v1/api

```

#### Multiple Flags

```bash

cat subs.txt | hrekt --path /etc.clientlibs --tech-detect --title --body-regex 'href="\/content\/dam.*'

```

## FYI

It's advisable to only use tech detection when needed, as it tends to result in slow discoveries because we use chromium based detection.

---

If you find any cool bugs, it would be nice if I have some sorta appreciation such as shouting me out on your Twitter, buying me a coffee or donating to my Paypal.

  

[![BuyMeACoffee](https://img.shields.io/badge/Buy%20Me%20a%20Coffee-ffdd00?style=for-the-badge&logo=buy-me-a-coffee&logoColor=black)](https://www.buymeacoffee.com/SBhULWm) [![PayPal](https://img.shields.io/badge/PayPal-00457C?style=for-the-badge&logo=paypal&logoColor=white)](https://www.paypal.com/paypalme/cyberlixpty)

I hope you enjoy

## Contributing

Pull requests are welcome. For major changes, please open an issue first

to discuss what you would like to change.

Please make sure to update tests as appropriate.

## License

Hrekt is distributed under [MIT License](https://github.com/ethicalhackingplayground/hrekt/blob/main/LICENSE)