Skip to content

Instantly share code, notes, and snippets.

View albinowax's full-sized avatar

James Kettle albinowax

1.3k followers · 0 following
View GitHub Profile
@albinowax
albinowax / connection-state-attack.bambda
Created October 16, 2025 13:24
Connection state attack Custom Action for Burp Repeater
// For context check out https://portswigger.net/web-security/host-header/exploiting#connection-state-attacks
var connectionId = utilities().randomUtils().randomString(8);
var options = RequestOptions.requestOptions().withConnectionId(connectionId).withHttpMode(HttpMode.HTTP_1);
// Send a simple GET / HTTP/1.1 to the target as the precusor request
var url = requestResponse.request().url();
var precursorRequest = HttpRequest.httpRequestFromUrl(url);
precursorRequest = precursorRequest.withPath("/").withHeader("Connection", "keep-alive");
// Send the attack in the repeater, and update the response pane
@albinowax
albinowax / race-condition-probe.java
Last active October 5, 2025 14:47
Race condition custom action for Burp Repeater
// This will use the single-packet attack for HTTP/2, and last-byte synchronisation for HTTP/1
int NUMBER_OF_REQUESTS = 10;
var reqs = new ArrayList<HttpRequest>();
for (int i = 0; i < NUMBER_OF_REQUESTS; i++) {
reqs.add(requestResponse.request());
}
var responses = api().http().sendRequests(reqs);
var codes = responses.stream().map(HttpRequestResponse::response).filter(Objects::nonNull).map(HttpResponse::statusCode).toList();
logging().logToOutput(codes);
@albinowax
albinowax / keybase.md
Created January 25, 2018 16:11

Keybase proof

I hereby claim:

  • I am albinowax on github.
  • I am albinowax (https://keybase.io/albinowax) on keybase.
  • I have a public key ASBv05DYL6P70W0BVOQKKiklbP7Q13Fs5RdRJQLD5pJUYAo

To claim this, I am signing this object: