It's well known that WAFs only scan up to a certain amount of data per request. This extension allows a tester to manually insert junk data and adds junk data to Active Scans by duplicating each scan ...

This lab contains a DOM-based open-redirection vulnerability. To solve this lab, exploit this vulnerability and redirect the victim to the exploit server. The url parameter contains an open ...

If a response does not specify a content type, then the browser will usually analyze the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the ...

Mixed Encodings: each segment of the IP address can be presented in different formats: hexadecimal, decimal, or octal. To keep our tool efficient, we don’t generate all possible combinations. Instead, ...

This release gives you better visibility of the crawl paths found by Burp Scanner, introduces support for sharing issues with Splunk, and enables you to use custom extensions, BChecks, and BApps with ...

Manage your security, your way. Managing a complex, enterprise-level web estate requires robust compliance, streamlined management of audits, and visibility of your security coverage. In other words - ...

If you or your teams use Splunk for your Security Information and Event Management (SIEM), you may like to integrate this with Burp Suite Enterprise Edition. Once configured, this enables you to ...

This extension provides advanced capabilities and automation for finding and exploiting Client-Side Path Traversal. This extension is a Burp Suite Passive Scanner. It reads your proxy history and ...

Header Guardian is a Burp Suite extension designed to enhance the security of web applications by identifying missing, misconfigured, and unnecessary HTTP security headers. Properly configured ...

This section explains how to customize web application scans to meet your specific testing requirements. You can customize the following aspects of your scan: The scan scope and configuration.

To view the Insertion points panel, click on a request. To hide the panel, click Insertion points. The panel is replaced by the base response. Nested insertion points occur when an application applies ...

The Nmap Scanner Burp Suite Extension integrates Nmap's powerful network scanning capabilities directly into the Burp Suite interface. This extension provides an easy-to-use graphical interface for ...