Responses

Response Filters

There are two types of response filters: built-in filters and custom filters.

Built-in filters

The following built-in filters are available:

FilterLast Column Name
time:<RANGE>Based on the response time
status:<RANGE>According to the status code
contains:<STRING>Retains responses containing the substring
starts:<STRING>Retains responses starting with the string
ends:<STRING>Retains responses ending with the string
size:<RANGE>By response size
hash:<HASH>Matching the MD5 hash of the response
header:<KEY=VALUE>By specific response headers
json:<PATH=VALUE>According to the JSON response
depth:<RANGE>By the current depth
type:<TYPE>According to the response type
lines:<RANGE>By the number of lines
similar:<VALUE=THRESHOLD>Based on similarity (percentage) to a string
regex:<PATTERN>Matching a regular expression
url:<STRING>Retains responses whose URL contains the string

Displaying additional information

In a typical recon scenario, you may want to display useful information about the responses. You can use the --show option to display additional information about the responses that match the current filters.

The following additional information can be displayed:

OptionLast Column Name
typeThe response type (e.g., text/html, application/json, dir)
sizeThe response size in bytes
hashThe MD5 hash of the response body
headers_sizeThe size of the response headers in bytes
headers_hashThe MD5 hash of the response headers
bodyThe response body
headersThe response headers
cookiesThe response cookies
similar:<STRING>The similarity percentage to a string

Types of ranges

Ranges are used in filters and other options to specify a range of values. The following types of ranges are supported:

FormatPython Equivalent
5x == 5
5-105 <= x <= 10
5,10x == 5 or x == 10
>5x > 5
<5x < 5
5,10,15x == 5 or x == 10 or x == 15
>5,10,15x > 5 or x == 10 or x == 15
5-10,15-20(5 <= x <= 10) or (15 <= x <= 20)
ModesWordlists