A penetration tester wrote a Python script to automate HTTP request fuzzing. The script uses the 'requests' library to send payloads and checks for reflected content in the response. The tester wants to analyze the script for potential improvements. Which of the following code changes would MOST directly reduce false positives in detecting reflection?
Trap 1: Add a random delay between requests
Random delay helps avoid rate limiting but does not affect the accuracy of reflection detection.
Trap 2: Remove the User-Agent header from requests
Removing the User-Agent may cause the server to reject requests or respond differently, but does not directly reduce false positives in reflection detection.
Trap 3: Use a session object to maintain cookies
Session objects maintain state across requests but do not improve the accuracy of reflection checks.
- A
Convert the response to lowercase before checking for reflection
Correct. Case-insensitive matching reduces false positives caused by case differences in the reflected content.
- B
Add a random delay between requests
Why wrong: Random delay helps avoid rate limiting but does not affect the accuracy of reflection detection.
- C
Remove the User-Agent header from requests
Why wrong: Removing the User-Agent may cause the server to reject requests or respond differently, but does not directly reduce false positives in reflection detection.
- D
Use a session object to maintain cookies
Why wrong: Session objects maintain state across requests but do not improve the accuracy of reflection checks.