com um clique
strix-httpx
Strix httpx 探测命令手册,覆盖探针参数、输出格式与自动化安全用法;触发名:strix-httpx
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Menu
Strix httpx 探测命令手册,覆盖探针参数、输出格式与自动化安全用法;触发名:strix-httpx
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Baseado na classificação ocupacional SOC
面向中文用户和新手的统一入口,保持原有两种模式:1) 自动分流,2) 先头脑风暴再分流。分流目标既可以是 ctf-*,也可以在 Web/接口/漏洞验证阶段增强到 strix-*;适合不知道该用哪个 skill、想先理清题意、又不想自己先判断何时该切到工具链或漏洞专项的场景;触发名:ctf-beginner-hub
面向 CTF 新手与综合题的统一总控 skill。保持原有两种主模式:1) 自动分流,2) 先头脑风暴再分流。分流目标既可以是 ctf-*,也可以在 Web/接口/漏洞验证阶段增强到 strix-*;适合不知道该用哪个 skill、想边做边学、又不想自己先判断何时切换到工具链或漏洞专项的场景;触发名:ctf-super-hub
Strix JWT 与 OIDC 安全测试手册,覆盖令牌伪造、算法混淆与声明篡改;触发名:strix-authentication-jwt
给中文用户和新手用的 Strix Lite 统一入口:先判断该用哪一个 strix-* 工具或漏洞测试 skill,再给最小化起手步骤;适合在 Web 安全测试、工具链使用、漏洞验证时不知道先用哪个 Strix skill 的场景;触发名:strix-beginner-hub
Strix 功能级授权缺陷测试手册,覆盖操作级权限失效、管理功能越权与 API 操作绕过;触发名:strix-broken-function-level-authorization
Strix 业务逻辑漏洞测试手册,覆盖流程绕过、状态操控与领域约束破坏;触发名:strix-business-logic
| name | Strix•httpx 用法 |
| description | Strix httpx 探测命令手册,覆盖探针参数、输出格式与自动化安全用法;触发名:strix-httpx |
Official docs:
Canonical syntax:
httpx [flags]
High-signal flags:
-u, -target <url> single target-l, -list <file> target list-nf, -no-fallback probe both HTTP and HTTPS-nfs, -no-fallback-scheme do not auto-switch schemes-sc status code-title page title-server, -web-server server header-td, -tech-detect technology detection-fr, -follow-redirects follow redirects-mc <codes> / -fc <codes> match or filter status codes-path <path_or_file> probe specific paths-p, -ports <ports> probe custom ports-proxy, -http-proxy <url> proxy target requests-tlsi, -tls-impersonate experimental TLS impersonation-j, -json JSONL output-sr, -store-response store request/response artifacts-srd, -store-response-dir <dir> custom directory for stored artifacts-silent compact output-rl <n> requests/second cap-t <n> threads-timeout <seconds> request timeout-retries <n> retry attempts-o <file> output fileAgent-safe baseline for automation:
httpx -l hosts.txt -sc -title -server -td -fr -timeout 10 -retries 1 -rl 50 -t 25 -silent -j -o httpx.jsonl
Common patterns:
httpx -l hosts.txt -sc -title -server -td -silent -o httpx.txthttpx -l hosts.txt -path /,/login,/admin -sc -title -silent -j -o httpx_paths.jsonlhttpx -l hosts.txt -nf -sc -title -silenthttpx -l hosts.txt -vhost -sc -title -silent -j -o httpx_vhost.jsonlhttpx -l hosts.txt -sc -title -proxy http://127.0.0.1:48080 -silent -j -o httpx_proxy.jsonlhttpx -l hosts.txt -fr -sr -srd recon/httpx_store -sc -title -server -cl -ct -location -probe -silentCritical correctness rules:
-j -o <file>.-rl and -t explicit for reproducible throughput.-nf when you need dual-scheme probing from host-only input.-path or -ports, keep scope tight to avoid accidental scan inflation.-sr -srd <dir> when later steps need raw response artifacts (JS/route extraction, grepping, replay).Usage rules:
-silent for pipeline-friendly output.-mc/-fc when downstream steps depend on specific response classes.-proxy flag over global proxy env vars when only httpx traffic should be proxied.-h/--help for routine runs unless absolutely necessary.Failure recovery:
-rl/-t and/or increase -timeout.-fc filters or -fd duplicate filtering.-nf (and avoid -nfs).If uncertain, query web_search with:
site:docs.projectdiscovery.io httpx <flag> usage