Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mlcsec/headi
Customisable and automated HTTP header injection
https://github.com/mlcsec/headi
bugbounty golang header-injection
Last synced: about 1 month ago
JSON representation
Customisable and automated HTTP header injection
- Host: GitHub
- URL: https://github.com/mlcsec/headi
- Owner: mlcsec
- Created: 2020-12-19T13:56:16.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2024-06-27T11:20:13.000Z (6 months ago)
- Last Synced: 2024-08-01T10:16:56.951Z (4 months ago)
- Topics: bugbounty, golang, header-injection
- Language: Go
- Homepage:
- Size: 37.1 KB
- Stars: 211
- Watchers: 5
- Forks: 50
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-bugbounty-tools - headi - Customisable and automated HTTP header injection. (Exploitation / Header Injection)
- WebHackersWeapons - headi
- awesome-hacking-lists - mlcsec/headi - Customisable and automated HTTP header injection (Go)
README
# headi
Customisable and automated HTTP header injection. Example run from the HTB machine Control:`InsecureSkipVerify` is not currently configured, if you want to disable security checks then feel free to uncomment `crypto/tls` in the imports and the `TLSClientConfig: &tls.Config{InsecureSkipVerify: true},` lines in http transport configuration and then build locally.
## Install
```
go install github.com/mlcsec/headi@latest
```Or from git:
```shell
git clone https://github.com/mlcsec/headi.git
make before.build
make build.headi
sudo mv headi /usr/local/bin
```
## Headers
Injects the following HTTP headers:
* Client-IP
* Connection
* Contact
* Forwarded
* From
* Host
* Origin
* Referer
* True-Client-IP
* X-Client-IP
* X-Custom-IP-Authorization
* X-Forward-For
* X-Forwarded-For
* X-Forwarded-Host
* X-Forwarded-Server
* X-Host
* X-HTTP-Host-Override
* X-Original-URL
* X-Originating-IP
* X-Real-IP
* X-Remote-Addr
* X-Remote-IP
* X-Rewrite-URL
* X-Wap-ProfileAn initial baseline request is made to gauge the normal response for the target resource. Green indicates a change in the response and red no change. `[+]` and `[-]` respectively.
## Usage
Two options for HTTP header injection:1. Default payloads (127.0.0.1, localhost, etc.) are injected into the headers mentioned above
2. Custom payloads can be supplied (e.g. you've enumerated some internal IPs or domains) using the `pfile` parameter```
$ headi
Usage:
headi -u https://target.com/resource
headi -u https://target.com/resource -p internal_addrs.txtOptions:
-p, --pfile Payload File
-t, --timeout HTTP Timeout
-u, --url Target URL
```
Currently only takes one URL as input but you can easily bash script for numerous URLs like so:
```
$ for i in $(cat urls); do headi -url $i;done
```