[Improvement] Set Custom HTTP Header for Amass -active techniques

owasp-amass / amass

In-depth attack surface mapping and asset discovery

https://owasp.org/www-project-amass/

Other

11.95k stars 1.88k forks source link

[Improvement] Set Custom HTTP Header for Amass -active techniques #466

Open ngkogkos opened 4 years ago

ngkogkos commented 4 years ago

Hello,

As per title, a number of bug bounty programs, vendors or type of assessments in general, may require testers to send traffic using custom HTTP headers for identification purposes from teams such as SOC.

Since Amass does port scanning + SSL grabbing with the -active flag, I think it may be handy to have a flag and allow users to set a custom HTTP header along with -active. Maybe we could call it -custom-http-header.

Thoughts?

rocketscientist911 commented 3 years ago

bump! This will be really good so that I can leave a friendly header