X-Forwarded-Host-injector-v1 is simple bash script for find dynamic X-Forwarded-Host-injection is possible or not on set of domains. this tool based on hackerone report https://hackerone.com/reports/737315 .
*) tool use curl to send post request to server with X-Forwarded-For header set to evil.com *) check our injected header value is reflected in server response or not
- list out all subdomain to text file "subdomains.txt"
- run bash X-Forwarded-Host-injector-v1.sh