Request_Smuggler is a Http request smuggling vulnerability scanner. Based on the amazing research by James Kettle. The tool can help to find servers that may be vulnerable to request smuggling vulnerability.
USAGE:
request_smuggler [OPTIONS] –url
FLAGS:
-h, –help Prints help information
-V, –version Prints version information
OPTIONS:
–amount-of-payloads low/medium/all [default: low]
-t, –attack-types
[ClTeMethod, ClTePath, ClTeTime, TeClMethod, TeClPath, TeClTime] [default: “ClTeTime” “TeClTime”]
–file
send request from a file
you need to explicitly pass \r\n at the end of the lines
-H, –header Example: -H ‘one:one’ ‘two:two’
-X, –method [default: POST]
-u, –url
-v, –verbose
0 – print detected cases and errors only,
1 – print first line of server responses
2 – print requests [default: 0]
–verify how many times verify the vulnerability [default: 2]
git clone https://github.com/Sh1Yo/request_smuggler
cd request_smuggler
cargo build –release
using cargo install
cargo install request_smuggler –version 0.1.0-alpha.2
git clone https://github.com/Sh1Yo/request_smuggler
cd request_smuggler
cargo build –release
using cargo install
cargo install request_smuggler –version 0.1.0-alpha.2
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…