Host Header Injection Scanner
-
Updated
Oct 27, 2020 - Python
Host Header Injection Scanner
Automatic Web Vulnerability Scanner.
This script identifies Host Header Injection vulnerabilities in a list of URLs or a specific domain, outputting the vulnerable locations along with the specific headers causing the vulnerability
A burp extention to find host header injection vulnerabilities
Host Header Injection Scanner Tool.
Practical Host header attack scanner — injection, SSRF, cache poisoning, open redirect, auth bypass & vhost discovery, with raw-HTTP bypasses and OOB confirmation.
Simple website host header injection vulnerability checker.
Real-world bug bounty methodology — IDOR scoring, Host Header Injection validity, Open Redirect triage, WAF fingerprinting, and reporting templates. Built from live program experience.
During a security assessment, I identified a Host Header Authentication Bypass vulnerability caused by improper validation of the HTTP Host header. The application trusted user-controlled Host header values during request processing, allowing manipulation of security-sensitive logic.
Add a description, image, and links to the host-header-injection topic page so that developers can more easily learn about it.
To associate your repository with the host-header-injection topic, visit your repo's landing page and select "manage topics."