id: fuzz-header-multiple

info:
  name: fuzz header multiple
  author: pdteam
  severity: info
  description: |
    In this template we fuzz multiple headers with single payload

http:
  - raw:
      - |
        GET /?x=aaa&y=bbb HTTP/1.1
        Host: {{Hostname}}
        Origin: https://example.com
        X-Forwared-For: 1337
        Cookie: z=aaa; bb=aaa
        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
        Accept-Language: en-US,en;q=0.9
        Connection: close

    payloads:
      reflection:
        - "secret.local"

    fuzzing:
      - part: headers
        type: replace
        mode: multiple
        keys: ["Origin", "X-Forwared-For"]
        fuzz:
          - "{{reflection}}"

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "admin"