HTTPoxyScan - HTTPoxy Exploit Scanner

PoC/Exploit scanner to scan common CGI files on a target URL for the HTTPoxy vulnerability. Httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. For more details, go to

Requires ncat to establish reverse session

./ cgi_list.txt 3000
This will scan with a list of common CGI files while injecting a Proxy header back to a given IP:PORT. A reverse listener will catch the incoming connection to confirm the remote site is vulnerable.

Disqus Comments