With the recent advancements in technology, more people are aware of the importance of security. More companies started paying huge rewards to protect the sensitive information of their customers. Automated scanners won’t yield you bugs these days. Automated scanners can’t be used to scan every website you visit daily. You need a smart scanner while hunting for bugs.
I found vulnerabilities in Bugcrowd, Hotstar, Medium, Signup.com, Chargify etc using this minimal browser extension. In this talk, we will be focusing on creating your own minimal smart scanner as browser(Firefox ESR) extension to detect header related vulnerabilities. This extension monitors the request and response headers passing through your browser and detects vulnerabilities in them. The browser extension is capable of detecting CORS misconfigurations, host header injections, and clickjacking vulnerabilities.
In the process, you will be learning about basic header vulnerabilities like CORS misconfiguration, host header injection, clickjacking and exploitation scenarios, detection methods and the biggest bounties earned through simplest detection techniques for each of the above vulnerabilities.