Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Login to post

change headers for every request

ian | Last updated: Sep 06, 2023 12:46PM UTC

am trying to change the x-forwarded-for header for every request in intruder, how can i do this

Michelle, PortSwigger Agent | Last updated: Sep 07, 2023 07:22AM UTC

Would creating a session handling rule to set a specific header work in your scenario? https://portswigger.net/burp/documentation/desktop/settings/sessions https://portswigger.net/burp/documentation/desktop/settings/sessions/session-handling-rules#set-a-specific-header-value If not, can you tell us a bit more about your workflow, please?

ian | Last updated: Sep 07, 2023 08:03AM UTC

am trying to brute force usernames for a lab, the x-forwarded-for header needs to be dynamic in order for me not to exceed set limits, am using battering ram attack type i need to set position for x-forwarded-for header and usernames, or just the x-forwarded-for header to be the username, if i set it like this i cant use battering ram, any help i would appreciate

ian | Last updated: Sep 07, 2023 09:16AM UTC

i found a solution thank you, did not know when using battering ram one payload can be used in two positions, Thank you

Michelle, PortSwigger Agent | Last updated: Sep 07, 2023 10:46AM UTC

Thanks for the update :)

You need to Log in to post a reply. Or register here, for free.