What's happening in the Burp-verse - Issue #12 📰




By Burp Suite Guide • Issue #12
I hope this newsletter increases your productivity and helps you find more bugs. 😊
I’m excited to tell you about three major Burp Suite features in the latest release, plus new extensions and loads of tips & tricks, in this newsletter issue.
If this is the first issue you have received, welcome aboard! Signing up for the newsletter was your first step towards becoming the up-to-date hero of Burp Suite.
Follow Burp Suite Guide on Twitter, LinkedIn, or Telegram channel to get instant updates on Burp Suite.  
Now let’s continue.

PortSwigger has added some massive updates to this early adopter release. Out of multiple features and bug fixes, I would emphasize three:
1. Burp Scanner can now detect 8 common JWT vulnerabilities (6 of them high severity)
Burp Scanner can now detect the following common JWT issues:
  1. JWT signature not verified
  2. JWT none algorithm supported
  3. JWT self-signed JWK header supported
  4. JWT weak HMAC secret
  5. JWT arbitrary jku header supported
  6. JWT arbitrary x5u header supported
  7. JWT private key disclosed 
  8. JSON Web Key Set disclosed
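To make the first six of those scanner findings concrete from the defender's side, here is an added example (my own code, not PortSwigger's and not part of the release) of a minimal HS256 verifier that refuses each of them: it always checks the signature, accepts only one algorithm (so `none` in any spelling is rejected), ignores key material named inside the token (`jwk`, `jku`, `x5u` headers) and rejects secrets shorter than the 256 bits RFC 7518 requires. The secret and the sample tokens are constructed for the demo; it assumes the application validates HS256 tokens against a server-side secret and uses only the standard library.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo secret (not a real key); 43 bytes, so it passes the length check.
SECRET = b"demo-secret-for-the-example-only-0123456789"

# The only algorithm this verifier accepts; anything else (including "none") is rejected.
ALLOWED_ALG = "HS256"

# Header fields that would let the token choose its own verification key.
UNTRUSTED_KEY_HEADERS = ("jwk", "jku", "x5u")


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    # Restore the padding that JWTs strip before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def check_secret(secret: bytes) -> None:
    # Weak-secret finding: HS256 keys must be at least 256 bits (RFC 7518 section 3.2).
    if len(secret) < 32:
        raise ValueError("HS256 secret must be at least 32 bytes")


def make_hs256_token(claims: dict, secret: bytes = SECRET) -> str:
    """Issue a token the way the server would (used here only to build samples)."""
    check_secret(secret)
    header = {"alg": ALLOWED_ALG, "typ": "JWT"}
    signing_input = (b64url_encode(json.dumps(header, separators=(",", ":")).encode())
                     + "." + b64url_encode(json.dumps(claims, separators=(",", ":")).encode()))
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def verify_hs256(token: str, secret: bytes = SECRET):
    """Return (True, claims) for a valid token, else (False, reason)."""
    check_secret(secret)
    parts = token.split(".")
    if len(parts) != 3:
        return False, "malformed token"
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
    except ValueError:
        return False, "undecodable header"
    if not isinstance(header, dict):
        return False, "header is not an object"
    # "none" algorithm finding: exact-match allowlist, so 'none', 'None', 'NONE' all fail.
    if header.get("alg") != ALLOWED_ALG:
        return False, "algorithm not allowed"
    # Self-signed JWK / arbitrary jku / arbitrary x5u findings: never let the token
    # nominate the key it should be checked against.
    for name in UNTRUSTED_KEY_HEADERS:
        if name in header:
            return False, "untrusted key header: " + name
    # Signature-not-verified finding: recompute and compare in constant time.
    expected = hmac.new(secret, (header_b64 + "." + payload_b64).encode("ascii"),
                        hashlib.sha256).digest()
    try:
        given = b64url_decode(sig_b64)
    except ValueError:
        return False, "undecodable signature"
    if not hmac.compare_digest(expected, given):
        return False, "signature mismatch"
    try:
        claims = json.loads(b64url_decode(payload_b64))
    except ValueError:
        return False, "undecodable payload"
    return True, claims


def demo() -> dict:
    """Run the verifier over constructed sample tokens; maps case name -> accepted?"""
    good = make_hs256_token({"sub": "alice", "admin": False})
    hdr, body, sig = good.split(".")
    # Same claims, header rewritten to alg=none, empty signature.
    none_tok = b64url_encode(json.dumps({"alg": "none", "typ": "JWT"}).encode()) + "." + body + "."
    # Header carrying an inline JWK alongside a valid-looking signature.
    jwk_hdr = b64url_encode(json.dumps({"alg": "HS256", "jwk": {"kty": "oct", "k": "AA"}}).encode())
    jwk_tok = jwk_hdr + "." + body + "." + sig
    # Original signature over a modified payload.
    tampered = hdr + "." + b64url_encode(json.dumps({"sub": "alice", "admin": True}).encode()) + "." + sig
    return {
        "valid": verify_hs256(good)[0],
        "alg_none": verify_hs256(none_tok)[0],
        "inline_jwk": verify_hs256(jwk_tok)[0],
        "tampered_payload": verify_hs256(tampered)[0],
    }


if __name__ == "__main__":
    print(demo())
```

The point of the allowlist on `alg` is that the verifier, not the token, decides how the signature is checked; the same pattern applies when a real JWT library is used, where the accepted algorithms and the key set should both be fixed server-side configuration. The two disclosure findings (private key and JWKS exposure) are deployment issues rather than verifier logic and are not covered by this code.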
2. Burp Extender now estimates the system impact of each extension and the overall impact of all enabled extensions.
“Burp Suite is slow” and “Burp uses a lot of CPU/RAM” are common rants on social media. Such statements say nothing about the system configuration, how many Burp extensions are enabled, etc. With this feature, you can answer the question: “Is Burp slow because of the installed extensions?”
Next time someone says Burp Suite is slow, tell them to check the overall estimated system impact to rule out extensions as the cause. 😉
Source: https://portswigger.net/burp/releases/professional-community-2022-5
3. Adding a custom header to requests is now easier 
Previously, to add a custom header you had to install the “Add Custom Header” extension and invoke it from a session handling rule, and it could add only a single header.
Now you don’t need the extension. Set up the new session handling rule action “Set a specific header value” to add custom headers or modify existing header values, as many as you want 😀
Other improvements:
  • Scanner option to skip unauthenticated crawling during scans
  • Improved Repeater tab behavior
  • Java 11 is now the default Java Runtime
  • Option to verify upstream TLS certificates
To know all the new features, check out the release notes of Burp Suite 2022.5 and 2022.5.1.
Blog Posts
A list of Burp Suite tips & tricks (by Aaron James of TrustedSec) that you’ll wish you had known sooner.
This extension integrates Burp Suite’s request logging with a custom application testing checklist. It helps pentesters keep track of all the web app functionality, API endpoints, and vulnerability types they have tested.
Web Security Academy
We've launched a brand new topic with eight new labs for you to get stuck into! The topic will look at how design issues, and flawed handling of JSON web tokens (JWTs), can leave websites vulnerable to a variety of high-severity attacks.
https://t.co/QiuBjqQQ3E https://t.co/7Hdkch9h4n
Tried all #BurpSuite settings, features, and popular extensions but still didn't get it working for your requirement?

Planning to write your own Burp extension from scratch?

You might need to check the extension "Python Scripter" 👀

(1/n) 🧵
Soroush Dalili
@buherator @MasteringBurp The extension has find and filter features. The good news is that Burp is going to have search by default soon in the Repeater with grouping for tabs, which will make this feature of the Sharpener extension redundant.
Evan 🇺🇦
Example of using Turbo Intruder in a "listen and attack" mode. A hidden secret: you can have turbo intruder scripts use the burp plugin API. Here we use burp.IProxyListener to intercept requests and reissue them inside turbo intruder mutating the method.
James Kettle
I've updated the Turbo Intruder documentation with some practical tips for long-running attacks. TLDR don't put five million responses in the table, you'll run out of RAM.
The BApp Store now has an improved UI. It lets you filter extensions by Burp Suite edition and shows the system impact details of each extension.
A truly dope vulnerable web application by PortSwigger to help you improve your Burp Scanner techniques.
A research article by our very own PortSwigger Research team. Gareth Heyes tells how he bypassed CSP to achieve XSS despite the mitigations added to Chrome 97.
Productivity Tip of the Month
Want to increase #productivity while manually testing requests in #BurpSuite Repeater?

Then the first step is to learn these keyboard shortcuts:

1. URL encode: Ctrl + U
2. HTML encode: Ctrl + H
3. Base64 encode: Ctrl + B

To decode, use Shift as well, e.g. URL decode: Ctrl + Shift + U
Did you learn something new from this newsletter? 🥺
Please share this newsletter with your friends, hackers & pentesters. Tweet about it, post it on social media or forward this newsletter email to others.
If you liked the newsletter, click the 👍 button below. If you have any specific feedback, shoot an email to [email protected].
Many thanks for considering my request.
Until next time 👋