You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<p>This is an extension for Burp Suite designed to help you launch <a href="https://portswigger.net/research/http-desync-attacks">HTTP Request Smuggling</a> attacks. It supports scanning for Request Smuggling vulnerabilities, and also aids exploitation by handling cumbersome offset-tweaking for you.</p>
<h4>Use</h4>
<p>Right click on a request and click 'Launch Smuggle probe', then watch the extension's output pane.
For more advanced use watch the <a href="https://portswigger.net/research/http-desync-attacks">video</a>, and check out the <a href="https://github.com/PortSwigger/http-request-smuggler">documentation</a>.</p>
<h4>Practice</h4>
<p>We've also released <a href="https://portswigger.net/web-security/request-smuggling">free online labs to practise against</a>.</p>