Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
Bot releases are hidden (Show)
v5.4
Changed
self.REGEX_LINKS
regex to also look for .
within file names. If a file name is found that has a required extension, e.g. .js
then the file name itself can also have a .
in it, e.g. chunk.1337.js
. Previously the regex would not have picked these up in certain situations.Published by xnl-h4ck3r 5 months ago
Changed
REGEX_JSNESTED
(used by the Javascript variables and constants
option) to also get params from nested objects that start with JSON.stringify(
.Published by xnl-h4ck3r 5 months ago
Changed
Potential param
pane if the option to Report "sus" params
issues was not selected.REGEX_JSNESTED
(used by the Javascript variables and constants
option) to also get params from nested objects that start with dataLayer.push(
.Javascript variables and constants
in the GAP Help.md
.Published by xnl-h4ck3r 5 months ago
New
RESPONSE PARAMETERS
option of Javascript variables and constants
is selected, GAP will now extract parameter names from nested objects too.Inc. Tentaive?
option next to Report "sus"params?
option. Findings marked Tentative
will only be raised if this option is checked. If disabled it will speed up processing.Changed
checkSusParams
instead of half way through, to help speed things up.REGEX_PARAMSPOSSIBLE
and REGEX_PARAMSSUB
to check for HTML entities with the &
as optional, as sometimes they appear without. This ensures they are replaced more effectively.Published by xnl-h4ck3r 6 months ago
See CHANGELOG for details
Published by xnl-h4ck3r 6 months ago
See CHANGELOG
Published by xnl-h4ck3r 7 months ago
Bug fixes - see CHANGELOG
Published by xnl-h4ck3r 8 months ago
Fix bug with new Burp version causing files not to be written - see CHANGELOG
Published by xnl-h4ck3r 9 months ago
FIx display issue in latest Burp, plus more. See CHANGELOG
Published by xnl-h4ck3r 11 months ago
See CHANGELOG.md for details
Published by xnl-h4ck3r 11 months ago
Added 2 MIME types to exclusion list
Published by xnl-h4ck3r 11 months ago
Added an additional MIME type to ignore
Published by xnl-h4ck3r 11 months ago
Add Mass Assignment category to Sus parameters
Published by xnl-h4ck3r 12 months ago
Show instructions for installing external modules in Words mode text box if beautiful soup can't be imported
Published by xnl-h4ck3r about 1 year ago
See CHANGELOG.md
Published by xnl-h4ck3r about 1 year ago
See CHANGELOG.md for details
Published by xnl-h4ck3r over 1 year ago
Fix a bug that fails to process a root in the site map if it contains a port number.
Published by xnl-h4ck3r over 1 year ago
Small bug fixes - see CHANGELOG for details
Published by xnl-h4ck3r over 1 year ago
See CHNAGELOG.md for details
Published by xnl-h4ck3r over 1 year ago
See CHANGELOG.md