
Burp Bounty v3.5 - BurpSuite extension to improve the active and passive scanner


itsMe


This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive Burp Suite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles in both the active and the passive scanner.

Examples of vulnerabilities that you can find

The vulnerabilities identified, and for which you can make personalized improvements, are:

Active Scan:

    XSS reflected and Stored
    SQL Injection error based
    Blind SQL injection
    Blind SQL injection time-based
    XXE
    Blind XXE
    SSRF
    CRLF
    Information disclosure
    Nginx off-by-slash vulnerability – From Orange Tsai
    Command injection
    Web cache poisoning
    Blind command injection
    Open Redirect
    Local File Inclusion
    Remote File Inclusion
    Path Traversal
    LDAP Injection
    XML Injection
    SSI Injection
    XPath Injection
    etc

Passive Response Scan

    Security Headers
    Cookies attributes
    Endpoints extract
    Software versions
    Error strings
    In general any string or regular expression in the response.

Passive Request Scan

    Interesting params and values
    In general any string or regular expression in the request.

Changelog v3.3.5

    Fixed bug with Payload and Payload without encoding match type
    Changed the default directory from user.dir to user.home
    Added and variables for printing issue details in Advisory.
    Fixed regex grep case sensitive
    Better redirection performance
    Fixed bug with Match And Replace

