{"id":12556,"date":"2021-04-25T21:38:44","date_gmt":"2021-04-25T16:08:44","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=12556"},"modified":"2021-04-25T21:38:44","modified_gmt":"2021-04-25T16:08:44","slug":"httpdoom","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/httpdoom\/","title":{"rendered":"HttpDoom : A Tool For Response-Based Inspection Of Websites"},"content":{"rendered":"\n

HttpDoom <\/strong>is a validate large HTTP-based attack surfaces in a very fast way. Heavily inspired by Aquatone<\/a>.<\/p>\n\n\n\n

Why?<\/strong><\/p>\n\n\n\n

When I utilize Aquatone to flyover some hosts, I have some performance issues by the screenshot feature, and the lack of extension capabilities – like validating front-end technologies with a plugin-like system -, also, my codebase is mainly C# and Rust, and make the maintenance of a tool wrote in another language can lead to a lot of issues.<\/p>\n\n\n\n

With these ideas in mind, HttpDoom is born.<\/p>\n\n\n\n

Installing<\/strong><\/p>\n\n\n\n

In order to install HttpDoom, in the current release cycle, due to not have a runtime-independent build at this time (only devel<\/em> builds are available<\/strong>), you must have .NET5 runtime (or SDK) – AKA dotnet<\/code> – installed in your host<\/strong>, with the .NET toolchain available in your Linux or macOS (automatic installation for Windows is not supported at this time, your PR to installation script is welcome. WSL works fine):<\/p>\n\n\n\n

$ .\/installer.sh<\/strong><\/p>\n\n\n\n

The installer script also updates (removing the current instalation) new releases of HttpDoom.<\/p>\n\n\n\n

How this works?<\/strong><\/p>\n\n\n\n

The description (--help<\/code>) of the CLI is all you need to know:<\/p>\n\n\n\n

HttpDoom:<\/strong>
HttpDoom is a tool for response-based inspection of websites across a large
surface.
amount of hosts for quickly gaining an overview of HTTP-based attack

Usage:<\/strong>
HttpDoom [options]

Options:<\/strong>
-d, –debug Print debugging information
-f, –follow-redirect HTTP client follow any automatic
redirects (default is false)
-m, –max-redirects Max automatic redirect depth when is
enable (default is 3)
-s, –screenshot Take screenshots from the alive host
with ChromeDriver (default is false)
-r, –screenshot-resolution Set screenshot resolution (default
is 1366×768)
-F, –capture-favicon Download the application favicon
-h, –headers Set default headers to every request
User-Agent)
(default is just a random
-t, –http-timeout Timeout in milliseconds for HTTP
requests (default is 5000)
-T, –threads Number of concurrent threads
(default is 20)
-o, –output-directory Path to save the output directory

-p, –ports Set of ports to check (default is
80, 443, 8080 and 8433)
-P, –proxy Proxy to use for HTTP requests
-w, –word-list List of hosts to flyover against
(REQUIRED)
–version Show version information
-?, -h, –help Show help and usage information<\/p>\n\n\n\n

But it is fast?<\/strong><\/p>\n\n\n\n

Let’s take a look on the result of a flyover agains 5000 hosts on default HttpDoom ports (80, 443, 8080 and 8433), running in the very first working release, with 2 threads (provided by a generic Amazon EC2 instance) agains the same settings on Aquatone 1.7.0:<\/p>\n\n\n\n