I was having some trouble getting requests to actually register as a different IP through the API Gateway because it adds an X-Forwarded-For header to anything that goes through it.
These changes will overwrite that if the API Gateway receives a request with an X-My-X-Forwarded-For header added. You can put anything you want in the header (I just put the work "junk"), and with a Match/Replace rule in Burp it's pretty easy.
I was having some trouble getting requests to actually register as a different IP through the API Gateway because it adds an X-Forwarded-For header to anything that goes through it.
These changes will overwrite that if the API Gateway receives a request with an
X-My-X-Forwarded-For
header added. You can put anything you want in the header (I just put the work "junk"), and with a Match/Replace rule in Burp it's pretty easy.The idea for this was taken from the fireprox repo at https://github.com/ustayready/fireprox