@mohammadobaid1
Forked from momenbasel/headersPentest
Created August 17, 2019 17:16
HTTP headers are the language that all web servers speak; they can be a golden gem for a security researcher.
X-Forwarded-Host
X-Forwarded-Port
X-Forwarded-Scheme
Origin: null, [siteDomain].attacker.com
X-Frame-Options: Allow
---For injecting BXSS(blind XSS) || SQLI payloads---
X-Wap-Profile
X-Original-Url
Forwarded
X-Originated-IP
X-Client-IP
From
User-Agent
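
Seen from the receiving server, every header in this list is client-controlled input. The following is an added example, not part of the original gist, of how an application can treat them: forwarding and override headers are honoured only from a trusted proxy, `Origin` is matched exactly, and free-text headers are escaped before they reach a log or admin view. The proxy range, hostnames and function names are assumptions made for illustration.

```python
import html
import ipaddress

# Assumed deployment values (constructed for this example).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]
ALLOWED_ORIGINS = {"https://app.example.com"}
ALLOWED_HOSTS = {"app.example.com"}

# Headers from the list that override routing or client identity.
PROXY_ONLY = {"x-forwarded-host", "x-forwarded-port", "x-forwarded-scheme",
              "x-original-url", "forwarded", "x-originated-ip", "x-client-ip"}
# Free-text headers from the list that often end up in logs or admin views.
FREE_TEXT = {"x-wap-profile", "from", "user-agent"}


def cors_headers(origin):
    # Exact match only: "null" and look-alike hosts such as
    # "https://app.example.com.attacker.com" are never reflected.
    if origin in ALLOWED_ORIGINS:
        return {"Access-Control-Allow-Origin": origin, "Vary": "Origin"}
    return {}


def clean_headers(headers, peer_ip):
    """Return (headers the app may act on, free-text values escaped for display)."""
    peer = ipaddress.ip_address(peer_ip)
    trusted = any(peer in net for net in TRUSTED_PROXIES)
    kept, display = {}, {}
    for name, value in headers.items():
        key = name.lower()
        if key in PROXY_ONLY and not trusted:
            continue  # sent directly by a client: drop the override
        if key == "x-forwarded-host" and value.lower() not in ALLOWED_HOSTS:
            continue  # even a trusted proxy may relay an unexpected host
        kept[name] = value
        if key in FREE_TEXT:
            # Strip control characters (log injection), then escape for HTML views.
            printable = "".join(c for c in value if c.isprintable())
            display[name] = html.escape(printable)
    return kept, display
```

Values in `kept` are still untrusted data: pass them to the database only through parameterized queries.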