This extension adds an active scan check for the HTTPoxy vulnerability.
HTTPoxy is a vulnerability that arises when the application reads the Proxy header value from an HTTP request, saves it to the HTTP_PROXY environment variable, and outgoing HTTP requests made by the server use it to proxy those requests.
Note: This extension requires Burp Suite Professional v1.7.09 or later.
|Author||Guifre Ruiz, PortSwigger Web Security|
|Last updated||21 October 2016|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.