HTTP Request Smuggling Detection Tool

#httprequestsmuggling #ethicalhacking The tool is written using python and to use this tool you must have python version 3.x installed in your local machine. It takes the input of either one URL or list of URLs which you need to provide in a text file and by following the HRS vulnerability detection technique the tool has built-in payloads which have around 37 permutes and detection payloads for both CL.TE and TE.CL and for every given host it will generate the attack request object by using these payloads and calculates the elapsed time after receiving the response for each request and decides the vulnerability but most of the time chances are it can be false positive, so to confirm the vulnerability you can use burp-suite turbo intruder and try your payloads. ***PLEASE FOLLOW BASIC SECURITY CONSENTS BEFORE USING THIS TOOL*** Portswigger Research blogs by James Kettle ===================================== https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn https://portswigger.net/web-security/request-smuggling https://portswigger.net/web-security/request-smuggling/finding https://portswigger.net/web-security/request-smuggling/exploiting Blog & Github link - https://github.com/anshumanpattnaik/http-request-smuggling https://hackbotone.com/blog/http-request-smuggling-detection-tool Outro Music Credit ================ Home Base Groove by Kevin MacLeod is licensed under a Creative Commons Attribution 4.0 license. https://creativecommons.org/licenses/by/4.0/ Source: http://incompetech.com/music/royalty-free/index.html?isrc=USUAN1100563 Artist: http://incompetech.com/ ================================================== Follow me: Medium: - https://medium.com/@hackbotone Facebook: - https://www.facebook.com/hackbotone/ Twitter: - https://twitter.com/anspattnaik Linkedin : - https://www.linkedin.com/in/anshuman123 Github: - https://github.com/anshumanpattnaik