http-client
Execute HTTP-requests like curl does. This command also supports HTTP/2
###
commands:
- type: http-client
url: https://www.google.com
http2: True
- type: http-client
cmd: POST
url: https://api.myapp.tld
useragent: "Mozilla Firefox 1/337"
headers:
"X-AUTH-TOKEN": "sometoken"
cookies:
mycookie: "cookie-value"
data:
view: edit
id: 10
- type: http-client
cmd: PUT
url: https://api.myapp.tld/dav
local_path: /tmp/webshell.php
- cmd
The HTTP-Method to use. Supported methods are:
GET
POST
PUT
DELETE
PATCH
HEAD
OPTIONS
- Type:
str
- Default:
GET
- url
Address of the target website.
- Type:
str
- Required:
True
- output_headers
Store headers in the output.
- Type:
str
- Default:
False
- headers
Include these extra headers in the request when sending HTTP to a server.
- Type:
dict[str,str]
- cookies
Pass the data to the HTTP server in the Cookie header.
- Type:
dict[str,str]
- data
Sends the specified data in a POST request to the HTTP server, in the same way that a browser does when a user has filled in an HTML form and presses the submit button.
- Type:
dict[str,str]
- local_path
Load content from the given file and send it via HTTP. This is useful for dav uploads.
- Type:
str
- useragent
Change the user-agent string.
- Type:
str
- Default:
AttackMate
- follow
Automatically follow redirects
- Type:
bool
- Default:
False
- verify
This option makes attackmate skip the secure connection verification step and proceed without checking.
- Type:
bool
- Default:
False
- http2
Try to use HTTP version 2. AttackMate will negotiate the HTTP version with the server and use HTTP2 if possible.
- Type:
bool
- Default:
False