Burp Bounty v4.0 releases: BurpSuite extension to improve the active and passive scanner

Burp Bounty

Burp Bounty – Scan Check Builder

This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive.

Examples of vulnerabilities that you can find

So, the vulnerabilities identified, from which you can make personalized improvements are:

Active Scan:

  • XSS reflected and Stored
  • SQL Injection error based
  • Blind SQL injection
  • Blind SQL injection time-based
  • XXE
  • Blind XXE
  • SSRF
  • CRLF
  • Information disclosure
  • Nginx off-by-slash vulnerability – From Orange Tsai
  • Command injection
  • Web cache poisoning
  • Blind command injection
  • Open Redirect
  • Local File Inclusion
  • Remote File Inclusion
  • Path Traversal
  • LDAP Injection
  • XML Injection
  • SSI Injection
  • XPath Injection
  • etc

Passive Response Scan

  • Security Headers
  • Cookies attributes
  • Endpoints extract
  • Software versions
  • Error strings
  • In general any string or regular expression in the response.

Passive Request Scan

  • Interesting params and values
  • In general any string or regular expression in the request.

Changelog v4.0

  • Burp Bounty Pro 1.6 core
  • Quick issue alert
  • More options for creating profiles

Download & Use

Copyright 2018 Eduardo Garcia Melia