S4E

HTTP Header Command Injection Vulnerability Fuzz & Scanner

You can fuzz HTTP headers for command injection using this tool.

Short Info

Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

5 minutes

Time Interval

3 days

Scan only one

Domain, IPv4

Toolbox

-

HTTP Header Injection vulnerabilities occur when user input is insecurely included within server responses headers.


This tool fuzz the following HTTP headers.

  1. Accept
  2. Accept-Charset
  3. Accept-Datetime
  4. Accept-Encoding
  5. Accept-Language
  6. Authorization
  7. Cache-Control
  8. Connection
  9. Content-Length
  10. Content-MD5
  11. Content-Type
  12. Cookie
  13. Date
  14. Expect
  15. Forwarded
  16. From
  17. Host
  18. If-Match
  19. If-Modified-Since
  20. If-None-Match
  21. If-Range
  22. If-Unmodified-Since
  23. Max-Forwards
  24. Origin
  25. Pragma
  26. Proxy-Authorization
  27. Range
  28. Referer
  29. TE
  30. Upgrade
  31. User-Agent
  32. Via
  33. Warning
Get started to protecting your Free Full Security Scan
Start trialSee the plans