http-request-smuggler
Request Smuggling Tool
An extension for Burp Suite to help identify and exploit HTTP Request Smuggling vulnerabilities.
958 stars
27 watching
102 forks
Language: Java
last commit: 11 months ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 anshumanpattnaik/http-request-smuggling | Detects HTTP Request Smuggling vulnerabilities in web applications | 472 |
| portswigger/httpoxy-scanner | Tools to help identify vulnerabilities in web applications using HTTPoxy scanning. | 88 |
| portswigger/backslash-powered-scanner | An extension for Burp Suite that scans for unknown classes of injection vulnerabilities using a novel approach | 637 |
| portswigger/json-decoder | Tools for analyzing and manipulating HTTP requests and responses in BurpSuite | 10 |
| portswigger/replicator | An extension for the Burp Suite toolset to help developers reproduce issues discovered by pen testers | 70 |
| portswigger/param-miner | An extension tool used to identify hidden parameters in web requests | 1,245 |
| portswigger/reflected-parameters | Tools and techniques for exploiting reflected parameter vulnerabilities in Java-based applications | 19 |
| portswigger/copy-as-python-requests | A plugin that allows Burp Suite users to easily copy selected requests as Python code | 61 |
| portswigger/example-scanner-checks | A Java-based toolset that provides custom scanning checks and techniques for extending Burp Suite's built-in scanning capabilities. | 15 |
| portswigger/command-injection-attacker | An OS command injection detection and exploitation tool that provides methodologies and software for identifying and exploiting vulnerabilities in applications. | 107 |
| portswigger/random-ip-address-header | This Java project generates and manipulates HTTP headers to include random IP addresses for testing and development purposes. | 6 |
| portswigger/additional-scanner-checks | A collection of passive scanner checks to identify security vulnerabilities in web applications | 27 |
| portswigger/html5-auditor | An HTML validation and security testing tool for identifying vulnerabilities in web applications | 4 |
 defparam/smuggler | An HTTP Request Smuggling / Desync testing tool written in Python 3 | 1,819 |
 nachiketrathod/http.request.smuggling.desync.attack | An attacker exploits HTTP request smuggling to manipulate the sequence of requests and deceive both front-end and back-end security controls. | 14 |