Mar 30, 2021

What's happening in the Burp-verse - Issue #3 📰

By Burp Suite Guide • Issue #3 • View online

Automating API security testing is a problem that many security teams are trying to solve. Burp Suite has taken a step forward in this direction.

Burp Scanner is now enhanced to work with OpenAPI documents. By doing this, Burp can crawl and parse API endpoints mentioned in OpenAPI docs, send example HTTP requests, and test them for security issues.

To see how good Burp performs over real-world API endpoints, check out my article on How good is Burp’s API scanning?

Blog Posts

Browser powered scanning in Burp Suite | Blog - PortSwigger

Since the release of Browser-powered scanning back in Burp Suite Professional 2020.8.1 we have had a lot of customers asking us about our motivation for choosing to integrate with Chromium and …

portswigger.net • Share

Web crawlers that crawl HTML pages to discover more resources don’t work these days. At least, not always. Thanks to the dynamic web technologies.

This blog post by PortSwigger explains the problem and then describes how they solved it in Burp Suite. Instead of embedding a JavaScript engine, they embedded the open-source Chromium browser. Embedding Chromium browser allows Burp’s crawler to behave like a human user.

Source: https://portswigger.net/blog/browser-powered-scanning-in-burp-suite

Burp Suite - solving E-mail and SMS TAN multi-factor authentication with Hackvertor custom tags | Pentagrid AG

Solving challenges such as E-mail and SMS TAN multi-factor authentication for Burp automation.

www.pentagrid.ch • Share

Hackvertor by Gareth Heyes is an amazing and very flexible Burp extension. Trying to cover all its features and example use cases will make a huge blog post.

In the above blog post, Pentagrid AG explains how to generate random Swiss social security numbers using Hackvertor tags. The blog post ends with an advanced example to create a custom Hackvertor tag to fetch the second-factor authentication token from emails.

Extensions

Timestamp Editor by Chris Hembrow

Timestamp editor is a simple Burp utility that helps edit epoch timestamps in HTTP requests. It’s handy when editing content that includes epoch timestamps, like JSON expiry data.

Usage of it is straightforward. Install the extension, right-click on a timestamp, and select Edit timestamp.

Timestamp Editor extension

SQLMap DNS Collaborator by Luca Capacci (Burp Pro)

SQLMap DNS Collaborator is a Burp Pro extension to help DNS exfiltration. The usual way of DNS exfiltration using SQLmap requires the attacker to set up a DNS server and then execute SQLmap with –dns-domain arg.

SQLMap DNS Collaborator extension helps here by utilizing Burp Collaborator as the DNS server. When the vulnerable target sends DNS requests to Burp Collaborator, the extension reads the DNS requests and sends them to SQLmap.

Tweets

Native HTTP logger coming soon to BurpSuite!!

Burp Suite tells “This [native logger] provides performant and memory-efficient visual logging with a bunch of value-added features.”

I hope this native logger will be available to both Community and Pro versions with all its features like search, regex search, etc. If that happens, I guess not many would install Flow / Logger++ extensions.

ActiveScan++ v1.0.22 released

James Kettle released ActiveScan++ v1.0.22 which now detects OAuth endpoints like /.well-known/openid-configuration and /.well-known/oauth-authorization-server. These endpoints were added based on Michael Stepankin’s (from PortSwigger Research team) research on Hidden OAuth Attack Vectors.

Others

Burp Suite Professional Features For Free

Hacksplained’s video covers workarounds to get some “BurpSuite Pro” features in the Community edition. These workarounds include using Flow/Logger++ to search Burp Proxy history, using Turbo Intruder extension instead of Burp Intruder, etc.

Burp Suite Professional Features For Free (Pimp your Community Edition)

If you are more of a “blog reading” person than a “video watching” person, then check his blog post on the same:

Make Burp Community feel a little more like Burp Professional

Multiple tips and tricks to improve Burp Suite Community Edition

hacksplained.it • Share

SAML Raider 1.4.0 released

It has quite a few changes: UI enhancements, XXE & XSLT attack templates, a revamped text editor, and more.

SAML Raider Release 1.4.0 – Compass Security Blog

SAML Raider [0] is a Burp Suite [1] extension for testing SAML infrastructures. The last two releases contain several new features. This blog post describes the most important changes.

blog.compass-security.com • Share

BurpSuiteAutoCompletion extension

This extension enables autocompletion within BurpSuite Repeater/Intruder tabs, aimed primarily at Headers. It comes prepackaged with a great list of headers from SecLists.

GitHub - Static-Flow/BurpSuiteAutoCompletion: This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

This exention enables autocompletion within BurpSuite Repeater/Intruder tabs. - Static-Flow/BurpSuiteAutoCompletion

github.com • Share

Tips & Tricks

Check out the Burp Suite tips by Ryan Wendel.

Burp Suite Tips — Volume 1. Compilation of basic Burp Suite tips to… | by Ryan Wendel | Medium

Compilation of basic Burp Suite tips to utilize when assessing the security posture of web applications.

ryanwendel.medium.com • Share

Burp Suite Tips — Volume 2. Burp Suite Web Application Proxy Usage… | by Ryan Wendel | Medium

Compilation of basic optimizations and tips to utilize when assessing the security posture of web applications with Burp Suite.

ryanwendel.medium.com • Share

Finally

If you liked the newsletter, please click on the like button below and share the newsletter on your favorite social media.

If you want to get the links to amazing resources on Burp Suite directly to your social media feed, you can follow me on Twitter and LinkedIn.

Did you enjoy this issue?

By Burp Suite Guide

Your guide to all things Burp Suite !

Tweet

Share

In order to unsubscribe, click here.

If you were forwarded this newsletter and you like it, you can subscribe here.