One of the most popular penetration testing distributions is Kali Linux. With over 600 preinstalled tools for information gathering, vulnerability assessment, exploitation, reverse engineering, and more, Kali is a go-to choice for ethical hackers and cybersecurity professionals. However, the default Kali install lacks some newer tools that can make web application testing more efficient. One such tool is HTTPX - a fast, multi-purpose HTTP toolkit perfect for pentesters. In this article, I'll walk through getting HTTPX up and running on your Kali box.
HTTPX relies on Go to compile the binary, so first we need to install that:
apt install golang
We also need to install the GCC compiler:
apt install gcc
Now we can fetch the HTTPX source code from GitHub:
go get -u github.com/projectdiscovery/httpx/cmd/httpx
This will download it into your
To call HTTPX conveniently from anywhere, add the path to your binaries:
Also give it execute permission:
chmod +x ~/go/bin/httpx
Test It Out
You should now be able to invoke HTTPX from any directory!
The wide range of options make HTTPX super versatile for testing web apps, whether looking for vulnerabilities, profiling servers, or mapping networks.
With this powerful new tool installed, you can conduct web app assessments faster and more efficiently. HTTPX is just one example of the new generation of pentesting utilities not included in Kali by default. Let me know in the comments what other tools you find useful!