Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

change headers for every request

ian | Last updated: Sep 06, 2023 12:46PM UTC

am trying to change the x-forwarded-for header for every request in intruder, how can i do this

Michelle, PortSwigger Agent | Last updated: Sep 07, 2023 07:22AM UTC

Would creating a session handling rule to set a specific header work in your scenario? https://portswigger.net/burp/documentation/desktop/settings/sessions https://portswigger.net/burp/documentation/desktop/settings/sessions/session-handling-rules#set-a-specific-header-value If not, can you tell us a bit more about your workflow, please?

ian | Last updated: Sep 07, 2023 08:03AM UTC

am trying to brute force usernames for a lab, the x-forwarded-for header needs to be dynamic in order for me not to exceed set limits, am using battering ram attack type i need to set position for x-forwarded-for header and usernames, or just the x-forwarded-for header to be the username, if i set it like this i cant use battering ram, any help i would appreciate

ian | Last updated: Sep 07, 2023 09:16AM UTC

i found a solution thank you, did not know when using battering ram one payload can be used in two positions, Thank you

Michelle, PortSwigger Agent | Last updated: Sep 07, 2023 10:46AM UTC