Script to solve burp labs or for bug bounty

[timruff]

Just simple script to add IP random to X-Forwarded-For: in Header request. For section HTTP Sender

[thc202]

Would be good to mention the original script, maybe it can be removed too since the HTTP Sender applies to fuzzer messages as well.

[timruff]

I can't get random_x_forwarded_for_ip.js to work in Fuzzer HTTP processor. In the fuzzer the script does not appear, in the response the x-forwarded-for-ip does not appear. The only way to do it was the script I put.

[timruff]

I'm sorry, I just understood how to use the random_x_forwarded_for_ip.js script, I see how why my script is not necessary. Thanks for the time spent on the problem.

[thc202]

It's the other way around, this script supersedes the other script and why was suggesting to remove the other script, though both cover their own use cases.

[timruff]

I made some correction and integrated the multiple payloads management.

[kingthorin]

Why are more and more files being added to this PR?

[kingthorin]

To address the DCO requirement you'll need to sign-off the commit(s):

• https://github.com/zaproxy/zaproxy/blob/main/CONTRIBUTING.md#developer-certificate-of-origin
• https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---signoff

[timruff]

I'm doing courses on zap proxy to do burp suite labs with zap proxy. I need to make scripts to fix labs or bounty bugs. I don't know much about git hub it my first contribution on other project with github.

[kingthorin]

Okay that makes more sense I guess. They're all useful. Might want to tweak the title/subject and maybe make it draft (until you've included everything you're thinking of).

[kingthorin]

It's going to be really hard for us to review this and move it along if you don't pick a "line in the sand".

You can always create another branch or something for future contribs.