HExHTTP

Header Exploitation HTTP

HTTP header behavior analysis tool

Beta version

Usage

usage: hexhttp.py [-h] [-u URL] [--full]

-h, --help  show this help message and exit
-u URL      URL login to test [required]
--full      To display full header

Examples

Features

Server Error response checking [IP]
Localhost header response analysis
Methods response analysis
CPDoS technique
CND Analysis
Technologies analysis (Ngninx - Envoy - Apache) [IP]
Header cache reaction analysis [IP]

Based on :

YWH HTTP Header Exploitation: https://blog.yeswehack.com/yeswerhackers/http-header-exploitation/
Cache Poisoning at Scale https://youst.in/posts/cache-poisoning-at-scale/
Web Cache Entanglement: Novel Pathways to Poisoning https://portswigger.net/research/web-cache-entanglement
Practical Web Cache Poisoning https://portswigger.net/research/practical-web-cache-poisoning
Responsible denial of service with web cache poisoning https://portswigger.net/research/responsible-denial-of-service-with-web-cache-poisoning
https://cpdos.org/

About

Header Exploitation HTTP

MIT License

Languages

Language:Python 99.8%Language:Dockerfile 0.2%