.png)
2 days ago
13 BOOK THIS SPACE FOR AD
ARTICLE AD
As a security researcher, penetration tester, or bug bounty hunter, analyzing HTTP responses is a crucial yet time-consuming task. Manually checking the status codes of numerous URLs can be inefficient and error-prone. Recognizing this challenge, YogSec has developed HTTP FILTER, a lightweight Bash tool designed to automate and simplify the process of analyzing HTTP responses.
HTTP FILTER is a Bash-based utility that helps cybersecurity professionals quickly identify URLs with interesting or anomalous HTTP responses. It streamlines the reconnaissance process by concurrently sending HTTP requests to multiple URLs and categorizing the responses based on status codes into separate text files.
GitHUb — https://github.com/yogsec/HTTP-FILTER
During the reconnaissance phase of security assessments, professionals often deal with massive lists of URLs. Spotting URLs that return error codes like 500 Internal Server Error or 403 Forbidden is vital, as these often hint at vulnerabilities or misconfigurations. However, traditional methods can be slow and manual inspection can lead to oversight. HTTP FILTER eliminates this bottleneck, ensuring faster and more accurate identification.
Concurrent Processing: HTTP FILTER sends HTTP requests concurrently, significantly reducing the time required to analyze large URL lists.Response-Based Categorization: URLs are automatically categorized into text files based on HTTP status codes (e.g., 200.txt, 404.txt, 500.txt).Failed Requests Handling: Unreachable URLs are logged into failed.txt for further investigation.Output Directory: Results are organized into a directory named after the input file for easy access.Single URL Support: Check a single URL on the fly.Color-Coded Terminal Output: Real-time, color-coded results enhance visibility.Ensure you have Bash and curl installed on your system. Then, make the script executable:
chmod +x http_filter.shCheck a Single URL
./http_filter.sh -d https://example.comProcess a List of URLs
./http_filter.sh -l urls.txtThis will create a directory urls_responses containing files like:
200.txt – URLs with 200 OK404.txt – URLs with 404 Not Found500.txt – URLs with 500 Internal Server Errorfailed.txt – Unreachable URLs[200] https://example.com[404] https://example.com/notfound
[500] https://example.com/servererror
[FAILED] https://example.com/timeout
While httpx by ProjectDiscovery is a feature-rich, Go-based HTTP probing tool, HTTP FILTER is a lightweight alternative focusing solely on HTTP status code filtering. HTTP FILTER is easier to set up and use for quick URL status checks, while httpx is better suited for comprehensive HTTP probing tasks.
Feature HTTP FILTER httpx (ProjectDiscovery) Language Bash Go Focus Status Code Filtering Advanced HTTP Probing Concurrency Basic High-performance Output Text Files JSON, CSV, Custom Ease of Use Very Easy Moderate
Hey there! 👋 If you enjoyed this post and want to see more, let’s connect across different platforms and grow together:
🌐 Website: https://yogsec.github.io/yogsec/
📜 Linktree: https://linktr.ee/yogsec
🔗 GitHub: https://github.com/yogsec
💼 LinkedIn (Company): https://www.linkedin.com/company/yogsec/
📷 Instagram: https://www.instagram.com/yogsec.io/
🐦 Twitter (X): https://x.com/yogsec
📝 Medium: https://medium.com/@yogsec
👨💼 Personal LinkedIn: https://www.linkedin.com/in/bug-bounty-hunter/
📧 Email: abhinavsingwal@gmail.com
If you found this article helpful, consider buying me a coffee. Your support means the world and helps me create more valuable content. ❤️
☕ Support Here: https://buymeacoffee.com/yogsec
Bengali (Bangladesh) · 
English (United States) ·