Description
We should be implementing semi-passive and active plugins for HTTP Parameter Pollution (HPP) and gradually align with the OWASP Testing Guide v4, which is slowly getting there although still a WIP:
https://www.owasp.org/index.php/Testing_for_HTTP_Parameter_pollution_(OWASP-DV-004)
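As an added illustration of what such a plugin has to decide (example code written here, not OWTF's own code), the snippet below builds a query that repeats one parameter with two constructed marker values and classifies which value a backend reflected, i.e. whether it honours the first, the last, or all occurrences, the precedence classes described in the OWASP DV-004 test. The marker strings, the class names and the simulated backend responses are all constructed for the example.

```python
"""Added example (not OWTF's own code): how an HPP check interprets the
server's handling of a duplicated query parameter. Inputs are constructed."""
from urllib.parse import parse_qs, urlencode

# Two distinct marker values sent for the same parameter name (constructed).
FIRST, LAST = "hppA", "hppB"


def build_probe_query(param: str, base: dict) -> str:
    """Return a query string that repeats `param` with both marker values,
    keeping the other parameters of `base` unchanged."""
    pairs = [(k, v) for k, v in base.items() if k != param]
    pairs += [(param, FIRST), (param, LAST)]
    return urlencode(pairs)


def classify_precedence(reflected):
    """Map the value the application echoed back to a precedence class.
    Each class corresponds to a known server-side parsing behaviour
    (first occurrence wins, last occurrence wins, or all are kept)."""
    if reflected is None:
        return "not-reflected"
    if FIRST in reflected and LAST in reflected:
        return "all"          # e.g. concatenation "hppA,hppB" or a list
    if reflected == FIRST:
        return "first"
    if reflected == LAST:
        return "last"
    return "unknown"


def python_parse(query: str, param: str) -> list:
    """Reference behaviour: Python's parse_qs keeps every occurrence in order."""
    return parse_qs(query).get(param, [])


# Constructed sample: simulated responses from three imaginary backends.
SAMPLE_RESPONSES = {
    "backend-first": "hppA",
    "backend-last": "hppB",
    "backend-concat": "hppA,hppB",
}


def classify_samples() -> dict:
    """Classify each simulated backend's reflected value."""
    return {name: classify_precedence(v) for name, v in SAMPLE_RESPONSES.items()}


if __name__ == "__main__":
    print(build_probe_query("id", {"page": "1"}))
    print(classify_samples())
```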
ZAP has extensions to test for HPP:
https://code.google.com/p/zap-extensions/wiki/V1Extensions
The following paper on automated HPP discovery may also be helpful:
http://www.iseclab.org/people/embyte/papers/hpp.pdf
More information:
OWASP AppSec EU 2009: HTTP Parameter Pollution
https://www.owasp.org/images/b/ba/AppsecEU09_CarettoniDiPaola_v0.8.pdf
HTTP Parameter Pollution vulnerabilities in Web Applications
http://www.iseclab.org/people/embyte/slides/BHEU2011/whitepaper-bhEU2011.pdf
Split and Join: Bypassing Web Application Firewalls with HTTP Parameter Pollution
http://www.andlabs.org/whitepapers/Split_and_Join.pdf
HTTP Parameter Pollution with Cookies in PHP
https://www.idontplaydarts.com/2013/06/http-parameter-pollution-with-cookies-in-php/