https://github.com/rammarj/burp-header-injector

Burp Free plugin to test for host header injection vulnerabilities. (Development)
https://github.com/rammarj/burp-header-injector

Last synced: 28 days ago
JSON representation

Burp Free plugin to test for host header injection vulnerabilities. (Development)

• Host: GitHub
• URL: https://github.com/rammarj/burp-header-injector
• Owner: rammarj
• License: gpl-3.0
• Created: 2018-01-16T08:10:04.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2023-05-04T05:08:48.000Z (about 1 year ago)
• Last Synced: 2024-03-14T19:33:03.051Z (3 months ago)
• Language: Java
• Homepage:
• Size: 29.3 KB
• Stars: 2
• Watchers: 1
• Forks: 3
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Lists

• awesome-burp-suite - **1**星
• awesome-burp-suite - **1**星

README

        
# burp-header-injector

Plugin for Burp Suite Free wich detects reflected parameterss in responses generated server side.

## Introduction

Finding reflected parameters is alway useful for testing reflected XSS issues.

Find them while browsing with this plugin for burp free.

## Developement

This extension is currently in developement.

## TODO

- Add configurable headers to inject and the values to inject

- Maybe, the functionality could be added as a feature to the [burp reflected param](https://github.com/rammarj/burp-reflected-param) project.

## Setup

Download the jar file located in the releases section and import it in the extender option of burp suite. For more information about how to use extender option see the [official documentation](https://portswigger.net/burp/documentation/desktop/tools/extender#loading-and-managing-extensions)

## Local compilation

If you want to compile the code yourself, you need to have [maven](https://maven.apache.org/) installed and run the following command in the base directory of the project:

```console

$ mvn clean install

```

## Contibuting

Feel free to create an issue or a pull request if you see any bugs.