forked from thomaspatzke/Burp-MissingScannerChecks
PortSwigger/additional-scanner-checks
This Burp extension implements some passive scanner checks that are missing in Burp Suite:

* DOM-based XSS (REs are based on those from https://code.google.com/p/domxsswiki/wiki/FindingDOMXSS)
* Missing HTTP headers:
  * Strict-Transport-Security
  * X-Content-Type-Options: nosniff
  * X-XSS-Protection
* Multiple occurrences of the checked headers.
* Redirection from HTTP to HTTPS

All checks can be enabled separately in the extension's own tab, and a default config can be stored.

TODO
====

* See TODO markers in the code.
* Further possibilities to redirect from HTTP to HTTPS (meta refresh, links, referer checking)
* Active scanner check: Actively test directories for listings
* Active scanner check: Add parameters like debug, admin, test etc. and check if something interesting appears on the page.
* Active scanner check: Reaction of the web application and server to requests with different/missing host headers.
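The header and redirect checks listed above, reimplemented stand-alone as an added example (this is not the extension's own code and does not use the Burp extender API): it parses a raw HTTP response, reports each checked header that is missing, carries a wrong value or occurs more than once, and flags an HTTP-to-HTTPS redirect. The sample response and the host `example.test` are constructed.

```python
from collections import Counter
from urllib.parse import urlparse
# Headers the README's passive checks look for, with the value that is required
# where one is (X-Content-Type-Options must be exactly "nosniff").
CHECKED_HEADERS = {
    "strict-transport-security": None,
    "x-content-type-options": "nosniff",
    "x-xss-protection": None,
}

def parse_response(raw):
    """Split a raw HTTP response into (status code, [(name, value), ...])."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = []
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip().lower(), value.strip()))
    return status, headers

def check_response(request_url, raw_response):
    """Return the findings the header and redirect checks would report."""
    status, headers = parse_response(raw_response)
    counts = Counter(name for name, _ in headers)
    findings = []
    for name, required in CHECKED_HEADERS.items():
        values = [v for n, v in headers if n == name]
        if not values:
            findings.append("missing header: %s" % name)
        elif required is not None and not any(v.lower() == required for v in values):
            findings.append("unexpected value for %s: %s" % (name, ", ".join(values)))
        if counts[name] > 1:  # "multiple occurrences of the checked headers"
            findings.append("header %s occurs %d times" % (name, counts[name]))
    location = dict(headers).get("location", "")
    if (urlparse(request_url).scheme == "http" and 300 <= status < 400
            and urlparse(location).scheme == "https"):
        findings.append("redirect from HTTP to HTTPS: %s" % location)
    return findings

# Constructed sample response (not captured from any real host) for a self-test.
SAMPLE = ("HTTP/1.1 301 Moved Permanently\r\n"
          "Location: https://example.test/\r\n"
          "X-Content-Type-Options: nosniff\r\n"
          "X-Content-Type-Options: nosniff\r\n"
          "Content-Length: 0\r\n\r\n")
if __name__ == "__main__":
    print("\n".join(check_response("http://example.test/", SAMPLE)))
```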
About
Collection of scanner checks missing in Burp
Languages
- Python 98.3%
- HTML 1.7%