This is an extension for Burp Suite designed to help you launch HTTP Request Smuggler attacks, originally created during HTTP Desync Attacks research.
It supports scanning for Request Smuggling vulnerabilities, and also aids exploitation by handling cumbersome offset-tweaking for you.
Install Http Request Smuggler
The easiest way to install this is in Burp Suite, via Extender -> BApp Store.
If you prefer to load the jar manually, in Burp Suite (community or pro), use Extender -> Extensions -> Add to load build/libs/http-request-smuggler-all.jar
turbo-intruder-all.jargradle fatJarAlso Read : PHPStan – PHP Static Analysis Tool – Discover Bugs In Your Code Without Running It
Right click on a request and click ‘Launch Desync probe’, then watch the extension’s output pane under Extender->Extensions->HTTP Request Smuggler
If you’re using Burp Pro, any findings will also be reported as scan issues.
Video Demo
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Linux is renowned for its versatility, open-source nature, and security. Whether you're a beginner, developer,…
Cyber insurance helps businesses and individuals mitigate financial losses from data breaches, ransomware, extortion, legal…
Ransomware is one of the most dangerous and destructive forms of cybercrime today. With cybercriminals…
Social media is a key part of our daily lives, with millions of users sharing…
What Are Data Brokers? Data brokers are companies that collect, aggregate, and sell personal information,…