Burp Bounty BApp Store link: Burp Bounty. Hackvertor is a tag-based conversion tool that supports numerous escapes and encodings. It uses the already crawled / historic urls from WayBackMachine. Another popular Burp extension - this time by PortSwigger researcher Gareth Heyes - is Hackvertor. Please note that no crawling is done during the assessment.
The extensions aims to add more such sources as well as asset types be a one stop shop for all things related to the history of assets. The URLs can be easily copied from their and tested further for security issues. The extension acts as a passive scanner which extracts the domain(s) that are in scope, identifies their historic URLs from WayBackMachine ( ) and lists them under the issues section. Probing these hidden pages (and sometimes interesting dynamic parameters like &url=, &file=, etc.) uncover serious security issues at times as these are not caught by security scanners and also identified by the teams performing such assessments. limited-time promotional code, online contest pages, etc.).
Many times this will help uncover URLs/parameters which you might not discover while crawling the application as there are no more direct links to these pages on the website anymore, but the pages are still active (e.g. The idea of the extension is to have a quick and easy way to track historic details of an asset in the Burp interface without the need to run another command or invoke another interface. Hence, we created a BurpSuite Extension which could quickly track the history of the assets in scope and we came up with ‘ Asset History‘. Another prominent technique that has helped us uncover critical security issues in our pentests/bughunting journeys, is looking at the history of the identified/target assets, for which one of the tools that we use is WayBackurls by Tom Hudson.ĭuring an assessment recently, we realized that this is something we need to do each time, so why not automate this and make it a part of the process. As they say, you can’t secure what is not known to you.Īs mentioned in one of our previous tool-releases, for web application pentests, we always use our BurpSuite Extension – Asset Discover to identify if there are any other related assets that should be part of the scope. Burp Suite is a great tool for bug bounty and general security testing. Whenever performing any security assessment, identifying the Attack Surface is one of the first and foremost tasks.
0 kommentar(er)
