Burp Bounty – Scan Check Builder
This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive.
Examples of vulnerabilities that you can find
So, the vulnerabilities identified, from which you can make personalized improvements are:
Active Scan:
XSS reflected and Stored
SQL Injection error based
Blind SQL injection
Blind SQL injection time-based
XXE
Blind XXE
SSRF
CRLF
Information disclosure
Nginx off-by-slash vulnerability – From Orange Tsai
Command injection
Web cache poisoning
Blind command injection
Open Redirect
Local File Inclusion
Remote File Inclusion
Path Traversal
LDAP Injection
XML Injection
SSI Injection
XPath Injection
etc
Passive Response Scan
Security Headers
Cookies attributes
Endpoints extract
Software versions
Error strings
In general any string or regular expression in the response.
Passive Request Scan
Interesting params and values
In general any string or regular expression in the request.
burp.png (Size: 3.81 KB / Downloads: 68)
Download Link:
[hide]
https://bayfiles.com/ldh5C0k2z8/Burp_Bou...o_2_5_1_7z
[/hide]
This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive.
Examples of vulnerabilities that you can find
So, the vulnerabilities identified, from which you can make personalized improvements are:
Active Scan:
XSS reflected and Stored
SQL Injection error based
Blind SQL injection
Blind SQL injection time-based
XXE
Blind XXE
SSRF
CRLF
Information disclosure
Nginx off-by-slash vulnerability – From Orange Tsai
Command injection
Web cache poisoning
Blind command injection
Open Redirect
Local File Inclusion
Remote File Inclusion
Path Traversal
LDAP Injection
XML Injection
SSI Injection
XPath Injection
etc
Passive Response Scan
Security Headers
Cookies attributes
Endpoints extract
Software versions
Error strings
In general any string or regular expression in the response.
Passive Request Scan
Interesting params and values
In general any string or regular expression in the request.
burp.png (Size: 3.81 KB / Downloads: 68)
Download Link:
[hide]
https://bayfiles.com/ldh5C0k2z8/Burp_Bou...o_2_5_1_7z
[/hide]
