You have to find a input parameter. That may have redirecting tendency.
parameter = value
capture the request in burp and send it to repeater.
replace the value of parameter to attacker's url.
if the web page is redirecting to provided url than its a vulnerability.
Last updated 4 years ago