View profile

What's happening in the Burp-verse - Issue #3 📰

What's happening in the Burp-verse - Issue #3 📰
By Burp Suite Guide • Issue #3 • View online
Automating API security testing is a problem that many security teams are trying to solve. Burp Suite has taken a step forward in this direction.
Burp Scanner is now enhanced to work with OpenAPI documents. By doing this, Burp can crawl and parse API endpoints mentioned in OpenAPI docs, send example HTTP requests, and test them for security issues.
To see how good Burp performs over real-world API endpoints, check out my article on How good is Burp’s API scanning?

Blog Posts
Browser powered scanning in Burp Suite | Blog - PortSwigger
Web crawlers that crawl HTML pages to discover more resources don’t work these days. At least, not always. Thanks to the dynamic web technologies.
This blog post by PortSwigger explains the problem and then describes how they solved it in Burp Suite. Instead of embedding a JavaScript engine, they embedded the open-source Chromium browser. Embedding Chromium browser allows Burp’s crawler to behave like a human user.
Burp Suite - solving E-mail and SMS TAN multi-factor authentication with Hackvertor custom tags | Pentagrid AG
Hackvertor by Gareth Heyes is an amazing and very flexible Burp extension. Trying to cover all its features and example use cases will make a huge blog post.
In the above blog post, Pentagrid AG explains how to generate random Swiss social security numbers using Hackvertor tags. The blog post ends with an advanced example to create a custom Hackvertor tag to fetch the second-factor authentication token from emails.
Timestamp Editor by Chris Hembrow
Timestamp editor is a simple Burp utility that helps edit epoch timestamps in HTTP requests. It’s handy when editing content that includes epoch timestamps, like JSON expiry data.
Usage of it is straightforward. Install the extension, right-click on a timestamp, and select Edit timestamp.
Timestamp Editor extension
Timestamp Editor extension
SQLMap DNS Collaborator by Luca Capacci (Burp Pro)
SQLMap DNS Collaborator is a Burp Pro extension to help DNS exfiltration. The usual way of DNS exfiltration using SQLmap requires the attacker to set up a DNS server and then execute SQLmap with –dns-domain arg.
SQLMap DNS Collaborator extension helps here by utilizing Burp Collaborator as the DNS server. When the vulnerable target sends DNS requests to Burp Collaborator, the extension reads the DNS requests and sends them to SQLmap.
Burp Suite tells “This [native logger] provides performant and memory-efficient visual logging with a bunch of value-added features.
I hope this native logger will be available to both Community and Pro versions with all its features like search, regex search, etc. If that happens, I guess not many would install Flow / Logger++ extensions.
James Kettle released ActiveScan++ v1.0.22 which now detects OAuth endpoints like /.well-known/openid-configuration and /.well-known/oauth-authorization-server. These endpoints were added based on Michael Stepankin’s (from PortSwigger Research team) research on Hidden OAuth Attack Vectors.
Burp Suite Professional Features For Free
Hacksplained’s video covers workarounds to get some “BurpSuite Pro” features in the Community edition. These workarounds include using Flow/Logger++ to search Burp Proxy history, using Turbo Intruder extension instead of Burp Intruder, etc.
Burp Suite Professional Features For Free (Pimp your Community Edition)
Burp Suite Professional Features For Free (Pimp your Community Edition)
If you are more of a “blog reading” person than a “video watching” person, then check his blog post on the same:
Make Burp Community feel a little more like Burp Professional
SAML Raider 1.4.0 released
It has quite a few changes: UI enhancements, XXE & XSLT attack templates, a revamped text editor, and more.
SAML Raider Release 1.4.0 – Compass Security Blog
BurpSuiteAutoCompletion extension
This extension enables autocompletion within BurpSuite Repeater/Intruder tabs, aimed primarily at Headers. It comes prepackaged with a great list of headers from SecLists.
GitHub - Static-Flow/BurpSuiteAutoCompletion: This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
Tips & Tricks
Check out the Burp Suite tips by Ryan Wendel.
Burp Suite Tips — Volume 1. Compilation of basic Burp Suite tips to… | by Ryan Wendel | Medium
Burp Suite Tips — Volume 2. Burp Suite Web Application Proxy Usage… | by Ryan Wendel | Medium
If you liked the newsletter, please click on the like button below and share the newsletter on your favorite social media.
If you want to get the links to amazing resources on Burp Suite directly to your social media feed, you can follow me on Twitter and LinkedIn.
Did you enjoy this issue?
Burp Suite Guide

Your guide to all things Burp Suite !

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue