Http Request Smuggler : Extension For Burp Suite

This is an extension for Burp Suite designed to help you launch HTTP Request Smuggler attacks, originally created during HTTP Desync Attacks research.

It supports scanning for Request Smuggling vulnerabilities, and also aids exploitation by handling cumbersome offset-tweaking for you.

Install Http Request Smuggler

The easiest way to install this is in Burp Suite, via Extender -> BApp Store.

If you prefer to load the jar manually, in Burp Suite (community or pro), use Extender -> Extensions -> Add to load build/libs/http-request-smuggler-all.jar

Compile

  • Turbo Intruder is a dependency of this project, add it to the root of this source tree as turbo-intruder-all.jar
  • Build with gradle fatJar

Also Read : PHPStan – PHP Static Analysis Tool – Discover Bugs In Your Code Without Running It

Use

Right click on a request and click ‘Launch Desync probe’, then watch the extension’s output pane under Extender->Extensions->HTTP Request Smuggler

If you’re using Burp Pro, any findings will also be reported as scan issues.

Video Demo

R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

2 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

2 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

2 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

2 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

2 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

2 weeks ago