BurpBounty – An Extension that will Improve Your Burp Suite Scan Results

0
23

Hello, friends sp today we will be taking a look at third party Burp Suite Extention that can be used to improve Active and Passive scan results. It has a nice graphical user interface that can be used to customize the scan details and what kind of payloads should be tested.

Note: This extension requires Burp Suite Pro.

Usage:
1. Config section
  • Profile Manager: you can manage the profiles, enable, disable o remove any of them.
  • Select Profile: you can choose any profile, for modify it and save.
  • Profiles reload: you can reload the profiles directory, for example, when you add a new external profile to the directory.
  • Profile Directory: you choose the profiles directory path.

Payloads:

  • You can add any payload that you want.
  • And if you want to encode a string multiple times you can also do that.

 

3. Grep – Match

  • For each payload response, each string, regex or payload (depending of you choose) will be searched with the specific Grep Options.
  • Grep Type:
    • Simple String: search for a simple string or strings
    • Regex: search for regular expression
    • Payload: search for payloads sended
    • Payload without encode: if you encode the payload, and you want find for original payload, you should choose this
  • Grep Options:
    • Negative match: if you want find if string, regex or payload is not present in response
    • Case sensitive: Only match if case sensitive
    • Not in cookie: if you want find if any cookie attribute is not present
    • Content type: you can specify one or multiple (separated by comma) content type to search the string, regex or payload. For example: text/plain, text/html, …
    • Response Code: you can specify one or multiple (separated by coma) HTTP response code to find string, regex or payload. For example. 300, 302, 400, …

4. Write an Issue

  • In this section you can specify the issue that will be show if the condition match with the options specified.
  • Issue Name
  • Severity
  • Confidence
  • And others details like description, background, etc.

– Examples
So, the vulnerabilities identified so far, from which you can make personalized improvements are:

1- Active Scan

  • XSS reflected and Stored
  • SQL Injection error based
  • XXE
  • Command injection
  • Open Redirect
  • Local File Inclusion
  • Remote File Inclusion
  • Path Traversal
  • LDAP Injection
  • ORM Injection
  • XML Injection
  • SSI Injection
  • XPath Injection
  • etc

2- Passive Scan

  • Security Headers
  • Cookies attributes
  • Software versions
  • Error strings
  • In general any string or regular expression.

For example videos please visit our youtube channel:

Cyber Security Training

Download

LEAVE A REPLY

Please enter your comment!
Please enter your name here