It's always great to hear how other members of the community are using Burp Suite - and it's brilliant to see so many of you putting its extensibility features to good use. Built to identify hidden, unlinked parameters, Param Miner is very useful when hunting for web cache poisoning vulnerabilities. Param Minerįinally, another BApp that kept cropping up was Param Miner (again, by James Kettle). Written by Eduardo Garcia, Burp Bounty helps Burp Suite Professional users to quickly and easily build their own scan checks for use with Burp Scanner. Hackvertor is a tag-based conversion tool that supports numerous escapes and encodings. HackvertorĪnother popular Burp extension - this time by PortSwigger researcher Gareth Heyes - is Hackvertor. ![]() Turbo Intruder enables automated attacks even where extreme speed or complexity is required. Turbo Intruder, by PortSwigger Research's James Kettle was another popular entry. ![]() Autorize helps you to test for authentication vulnerabilities, and can save you a lot of time in doing this. One Burp extension that kept cropping up here was Autorize, by Barak Tawily. In short, here's what we learned … Here are five of your favorite BApps: 1. ![]() So when we spotted a tweet from HackerOne's (Ben Sadeghipour), asking the Burp Suite community for recommendations on their favorite Burp extensions, we knew it was going to be good. As we mentioned in our recent blog post on good resources for new Burp Suite Professional users, the BApp Store is one of the largest repositories of community-created user content you're likely to find anywhere.
0 Comments
Leave a Reply. |