Description
This plugin finds the Cross Site Tracing (XST) vulnerability. No configurable paramaters are available. The TRACE method echos back requests sent to it. This plugin sends a TRACE request to the server and if the request is echoed back then XST is confirmed.
Plugin type
Options
This plugin doesn’t have any user configured options.
Source
For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code
Dependencies
This plugin has no dependencies.
