HTTPX

Purpose

HTTPX probes scope values for reachable HTTP services and emits URL assets with web metadata.

Plugin Information

Plugin ID: httpx

Category: Service Discovery

Plugin Type: http_probe

Execution: active CLI HTTP probe

Default State: enabled

Default Profiles:

• quick
• default
• deep
• stealth
• vuln_scan
• tls_audit
• web_discovery
• recon_expanded
• screenshot

Input Scope

Accepted asset types:

• Any scope item currently passed to the plugin by the worker.

Required metadata:

• None

Produces targets:

• Newline-delimited scope values on stdin.

Output

Creates assets:

• url

Creates vulnerabilities:

• None

May enrich:

• URL assets with HTTP and technology metadata.
• Service assets indirectly when URL metadata contains a valid ip and port.

Metadata:

• url: probed URL.
• status_code: HTTP status code from HTTPX.
• title: page title when available.
• technologies: normalized technology list.
• scheme: parsed URL scheme.
• host: parsed hostname.
• port: parsed or inferred port.
• ip: first valid IP found in ip, host, or a fields.

Graph Relations

When URL metadata contains an IP and port, the worker ensures a service and derives:

ip -> exposes -> service
service -> serves -> url

If no service can be inferred, the worker falls back to a hostname relation when the hostname asset exists:

domain/subdomain -> serves -> url

Files / Artifacts

Produces:

• None

Dependencies

Required binary: httpx

Required installer entry: tools.httpx

Command model:

httpx -json -silent -title -status-code -tech-detect [-rate-limit <n>]

Example Flow

service or host
  -> httpx
url

Notes

The wrapper treats no responsive hosts as an empty successful result unless stderr indicates a command failure and stdout is empty.