Speed Up Web App Testing with HTTPX on Kali

One of the most popular penetration testing distributions is Kali Linux. With over 600 preinstalled tools for information gathering, vulnerability assessment, exploitation, reverse engineering, and more, Kali is a go-to choice for ethical hackers and cybersecurity professionals. However, the default Kali install lacks some newer tools that can make web application testing more efficient. One such tool is HTTPX - a fast, multi-purpose HTTP toolkit perfect for pentesters. In this article, I'll walk through getting HTTPX up and running on your Kali box.

Install Dependencies

HTTPX relies on Go to compile the binary, so first we need to install that:

apt update
apt install golang

We also need to install the GCC compiler:

apt install gcc

Download HTTPX

Now we can fetch the HTTPX source code from GitHub:

go get -u github.com/projectdiscovery/httpx/cmd/httpx

This will download it into your $GOPATH directory - likely ~/go/bin.

Set Permissions

To call HTTPX conveniently from anywhere, add the path to your binaries:

export PATH=$PATH:~/go/bin

Also give it execute permission:

chmod +x ~/go/bin/httpx

Test It Out

You should now be able to invoke HTTPX from any directory!

httpx -h

The wide range of options make HTTPX super versatile for testing web apps, whether looking for vulnerabilities, profiling servers, or mapping networks.

With this powerful new tool installed, you can conduct web app assessments faster and more efficiently. HTTPX is just one example of the new generation of pentesting utilities not included in Kali by default. Let me know in the comments what other tools you find useful!