What's happening in the Burp-verse - Issue #10 📰



By Burp Suite Guide • Issue #10
Hi 👋,
I hope you are doing well :)
If you got this newsletter for the first time, welcome onboard!!! Signing up for the newsletter was your first step in becoming the up-to-date hero of Burp Suite.
My dear comrades who have subscribed to this newsletter since the initial issues, I know you are thinking: Why was there a huge gap since the last newsletter issue?
Long story short - it started as a short break for a month, but that turned out to be a break for a few months 🤦‍♂️ along with a job change. 
As Steven Pressfield mentioned in his book The War of Art, resistance took over me. 
With love and support from fellow subscribers, I am back in business and plan to send the newsletter issues regularly.
Follow Burp Suite Guide on Twitter and LinkedIn to get instant updates on Burp Suite. 
Now let’s continue.

My dear early adopters, this version has a couple of noticeable improvements:
  1. Burp Suite scanner and collaborator client will use the new domain “oastify.com” instead of “burpcollaborator.net.” Many WAFs now block the burpcollaborator.net domain, so this new domain should reduce false negatives in detecting out-of-band vulnerabilities.
  2. You can add additional tabs to the Message editor, such as Headers, Query params, Body params, etc.
Under the hood, Burp’s Scanner can now detect DOM-based vulnerabilities in scenarios where malicious input is only passed to a sink if an API call is made.
Also, there have been a few minor releases under 2022.3 with the following features:
  • 2022.3.1 - A few bug fixes
  • 2022.3.2 - Embedded browser (Chromium) fixes
  • 2022.3.3 - Upgraded Chromium and installer Java version to 17.0.2
  • 2022.3.4 - Provides Java 17 support for extensions
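For defenders, the Collaborator domain change above means that any detection or block rule listing only burpcollaborator.net no longer sees the new default. The sketch below is an added example, not code from the newsletter or from Burp Suite: it flags DNS queries to either domain in a resolver log. The log format, sample lines and function names are constructed for illustration.

```python
"""Flag DNS queries to Burp Collaborator's public domains in a resolver log."""

# Both public Collaborator domains named in the newsletter item above.
LEGACY_DOMAIN = "burpcollaborator.net"
CURRENT_DOMAIN = "oastify.com"
COLLABORATOR_DOMAINS = (LEGACY_DOMAIN, CURRENT_DOMAIN)

# Constructed sample log, assumed format: "<timestamp> <client-ip> <qname> <qtype>"
SAMPLE_LOG = """\
2022-04-01T10:00:01Z 10.0.0.5 www.example.com. A
2022-04-01T10:00:02Z 10.0.0.7 abc123def456.burpcollaborator.net. A
2022-04-01T10:00:03Z 10.0.0.7 XyZ789.OASTIFY.com A
2022-04-01T10:00:04Z 10.0.0.9 notoastify.com. A
2022-04-01T10:00:05Z 10.0.0.9 oastify.com.example.org. AAAA
malformed line
"""


def matched_domain(qname, domains=COLLABORATOR_DOMAINS):
    """Return the listed domain that qname equals or is a subdomain of, else None."""
    name = qname.strip().rstrip(".").lower()
    for domain in domains:
        # Compare on a label boundary so "notoastify.com" does not match.
        if name == domain or name.endswith("." + domain):
            return domain
    return None


def scan_dns_log(text, domains=COLLABORATOR_DOMAINS):
    """Return (timestamp, client, qname, matched domain) for each hit."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not fit the assumed format
        timestamp, client, qname, _qtype = fields
        domain = matched_domain(qname, domains)
        if domain:
            hits.append((timestamp, client, qname, domain))
    return hits


if __name__ == "__main__":
    for hit in scan_dns_log(SAMPLE_LOG):
        print(*hit)
    # A rule that still lists only the legacy domain misses the new one.
    legacy_only = scan_dns_log(SAMPLE_LOG, domains=(LEGACY_DOMAIN,))
    print("legacy-only rule hits:", len(legacy_only))
```

Self-hosted Collaborator servers use their own domains and are not covered by a fixed list like this one.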
Blog Posts
When Burp Suite 2.0 was released, the crawler focused on tackling a newer breed of web applications - like single-page applications (SPAs) and apps built with client-side JS frameworks. This new breed depended upon the “state” (like the user adding something to the cart).
When we crawl static sites (even with the fastest crawl strategy), the crawler assumes the web app is stateful and so takes longer than necessary to reach maximum coverage.
So in Burp Suite 2022.2.3, the “fastest” crawl strategy doesn’t consider the state and completes crawling 6x - 9x faster. 🔥
Check out the article.
This article by Pentagrid shows how they enhanced Burp Suite with the help of extensions to test their customized target application. Their target web/thick client application seems to have encrypted the requests and compressed them before sending. The server did the same with responses.
Have you ever faced a similar situation before?
This article shows how they solved this custom Transport Encoding problem (along with a Burp Suite extension template). Check it out.
This extension decodes easy CAPTCHA challenges (like four alphanumeric characters) using the ddddocr project. The best part is that the decoding happens locally on your system. The author says this decoding had 85% accuracy. This forked project also adds improvements over the original extension.
This extension might be for you if you use Nuclei and have already integrated it into your bug bounty recon workflow. 
You can manually test your bug bounty targets for bugs as usual. Did you find any interesting endpoints or responses? Then, you can use this extension to generate a nuclei template and run the same template across all your targets to find the same bug.
Source: https://github.com/projectdiscovery/nuclei-burp-plugin
This extension integrates the Burp Suite’s request logging with a custom application testing checklist. It helps pentesters who want to keep track of all web app functionalities, API endpoints, and vulnerability types tested.
If you are a huge fan of Burp Suite's predefined payload lists (like me) and you use it in Intruder without additional configuration, you might be missing something.

(1/4) 🧵
Soroush Dalili
#BurpTip if you are sending from Intruder to Scanner, then make sure content-length is correct otherwise it may just error without actually doing any scan! It might be a bug but this is the workaround. #BurpSuite
Do you use @Burp_Suite and AWS? Well, NetSPI's @jakekarnes42 just released version 2.0 of the #AWS Signer Burp Suite Extension. Read about the new updates and features: https://t.co/j5z1LClGaA

#burpsuite #pentesting #AWS https://t.co/B0Wxtyl474
Forgette Benoît
I add a plugin to #Asthook to extract #AWS key from #android application. I let you discover it.
I use it with https://t.co/nStZALcnLr @NetSPI to replay request in @Burp_Suite https://t.co/5DUy9gndaE
Did you learn something new from this newsletter? 🥺
Please share this newsletter with your friends, hackers & pentesters. Tweet about it, post it on social media, or forward this newsletter email to others.
If you liked the newsletter, click the 👍 button below. If you have any specific feedback, shoot an email to [email protected].
Many thanks for considering my request.
Until next time 👋