Request Headers offers configurations specific to header parameters while Intruder is running attacks. For the purpose of this recipe, leave the default boxes checked:
