A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Switch branches/tags
Nothing to show
Clone or download
irsdl Merge pull request #3 from menzow/feature/add-ant-compatibility
Feature: Make build.xml compatible with ant.
Latest commit 16c46bb Jul 28, 2018

README.md

Burp Suite HTTP Smuggler

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques. This extension has been developed by Soroush Dalili (@irsdl) from NCC Group.

The initial release (v0.1) only supports the Encoding capability that can be quite complicated to be performed manually. See the references for more details.

Next versions will include more techniques and possible bug fixes.

Example Screenshots

AppSec EU 18 - example1

AppSec EU 18 - example2

References:

Released under AGPL v3.0 see LICENSE for more information