Last active
July 1, 2023 14:28
-
-
Save momenbasel/237e7269b738575d2ef7b8c748ad58b2 to your computer and use it in GitHub Desktop.
HTTP headers is the language that all web servers speaks, it can be golden gem for security researcher.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| X-Forwarded-Host | |
| X-Forwarded-Port | |
| X-Forwarded-Scheme | |
| Origin: null | |
| Origin: [siteDomain].attacker.com | |
| X-Frame-Options: Allow | |
| X-Forwarded-For: 127.0.0.1 | |
| X-Client-IP: 127.0.0.1 | |
| Client-IP: 127.0.0.1 | |
| ---For injecting BXSS(blind XSS) || SQLI payloads--- | |
| Referer | |
| X-Wap-Profile | |
| X-Original-Url | |
| Forwarded | |
| X-Originated-IP | |
| X-Client-IP | |
| From | |
| User Agent | |
| ---Possible File upload vulnerabilities--- | |
| X-HTTP-Method-Override: PUT |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment