This is the python script to check for the website if vulnerable to No RL and making it easier for us to move further.
Although automation is inevitable the results can be tentative from the script, confirm with burp for a thorough No RL Attack!
Usage: Make sure to install Python. It Works with Python 2.x and 3.x
Below screenshot shows the usage. If all the response headers yeild the same content length, the application gives the same output for different requests, Not Vulnerable Target.
Vice Versa for a Vulnerable Target.
Run this on your terminal $root@rohit~ ./check.py hackerone.com https