Hello, friends, so today we will be taking a look at a third-party Burp Suite extension that can be used to improve Active and Passive scan results. It has a nice graphical user interface that can be used to customize the scan details and what kind of payloads should be tested.
Note: This extension requires Burp Suite Pro.
- Profile Manager: you can manage the profiles, and enable, disable or remove any of them.
- Select Profile: you can choose any profile to modify and save it.
- Profiles reload: you can reload the profiles directory, for example, when you add a new external profile to the directory.
- Profile Directory: you choose the path of the profiles directory.
- You can add any payload that you want.
- And if you want to encode a string multiple times you can also do that.
3. Grep – Match
- For each payload response, each string, regex or payload (depending on what you choose) will be searched for using the specified Grep Options.
- Grep Type:
  - Simple String: search for a simple string or strings
  - Regex: search for a regular expression
  - Payload: search for the payloads that were sent
  - Payload without encode: if you encode the payload and want to search for the original payload, you should choose this
- Grep Options:
  - Negative match: use this to find out whether the string, regex or payload is not present in the response
  - Case sensitive: only match when the case also matches
  - Not in cookie: use this to find out whether a cookie attribute is not present
  - Content type: you can specify one or multiple (separated by comma) content types in which to search for the string, regex or payload. For example: text/plain, text/html, …
  - Response Code: you can specify one or multiple (separated by comma) HTTP response codes for which to search for the string, regex or payload. For example: 300, 302, 400, …
4. Write an Issue
- In this section you can specify the issue that will be shown if the response matches the specified options.
- Issue Name
- And other details like description, background, etc.
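To make the Grep – Match and issue options concrete, here is an added Python sketch (not the extension's own code) that evaluates two passive profiles, a missing security header and a disclosed software version, against constructed responses. The field names and the way the options combine (content type and response code as filters, negative match firing when a string is absent) are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field
@dataclass
class GrepProfile:
    # Field names are hypothetical; they mirror the options listed above.
    issue_name: str
    grep_type: str                      # "simple" or "regex"
    greps: list
    negative_match: bool = False
    case_sensitive: bool = False
    content_types: list = field(default_factory=list)   # empty = any
    response_codes: list = field(default_factory=list)  # empty = any

def _found(profile, needle, haystack):
    flags = 0 if profile.case_sensitive else re.IGNORECASE
    pattern = needle if profile.grep_type == "regex" else re.escape(needle)
    return re.search(pattern, haystack, flags) is not None

def evaluate(profile, status, headers, body):
    """Return the issue name if the response satisfies the profile, else None."""
    ctype = headers.get("Content-Type", "").split(";")[0].strip().lower()
    if profile.content_types and ctype not in profile.content_types:
        return None
    if profile.response_codes and status not in profile.response_codes:
        return None
    raw = "\r\n".join(f"{k}: {v}" for k, v in headers.items()) + "\r\n\r\n" + body
    hits = [_found(profile, g, raw) for g in profile.greps]
    # Assumption: a positive profile fires on any hit, a negative one on any miss.
    matched = (not all(hits)) if profile.negative_match else any(hits)
    return profile.issue_name if matched else None

# Constructed sample responses: (status, headers, body)
SAMPLES = [
    (200, {"Content-Type": "text/html; charset=utf-8", "Server": "Apache/2.4.41"}, "<html>ok</html>"),
    (200, {"Content-Type": "text/html", "X-Frame-Options": "DENY"}, "<html>ok</html>"),
    (200, {"Content-Type": "application/json"}, "{}"),
]

MISSING_XFO = GrepProfile("Missing X-Frame-Options header", "simple", ["x-frame-options:"],
                          negative_match=True, content_types=["text/html"], response_codes=[200])
SERVER_VERSION = GrepProfile("Software version disclosed", "regex", [r"Server: \S+/\d+(\.\d+)+"],
                             case_sensitive=True)
def scan(profiles, samples):
    return [[evaluate(p, *s) for p in profiles] for s in samples]

if __name__ == "__main__":
    for row in scan([MISSING_XFO, SERVER_VERSION], SAMPLES):
        print(row)
```

The content type filter is what keeps the negative-match profile from reporting the JSON response, which is why narrowing a "not present" check matters for keeping passive findings usable.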
So, the vulnerabilities identified so far, from which you can make personalized improvements, are:
1- Active Scan
- Reflected and stored XSS
- SQL Injection error based
- Command injection
- Open Redirect
- Local File Inclusion
- Remote File Inclusion
- Path Traversal
- LDAP Injection
- ORM Injection
- XML Injection
- SSI Injection
- XPath Injection
2- Passive Scan
- Security Headers
- Cookies attributes
- Software versions
- Error strings
- In general any string or regular expression.
For example videos, please visit our YouTube channel: