- Notifications
You must be signed in to change notification settings - Fork52
Burp Suite extension to discover assets from HTTP response.
License
redhuntlabs/BurpSuite-Asset_Discover
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Burp Suite extension to discover assets from HTTP response using passive scanning. Refer our blogAsset Discovery using Burp Suite for more details.
The extension is now part of the BApp store and can be installed directly from the Burp Suite.https://portswigger.net/bappstore/d927f0065171485981d6eb49a860fc3e
To know more about our Attack Surface Management platform, check out NVADR.
Passively parses HTTP response of the URLsin scope and identifies different type assets such asdomain, subdomain, IP, S3 bucket etc. and lists them as informational issues.
- Setup the python environment by providing thejython.jar file in the 'Options' tab under 'Extender' in Burp Suite.
- Download theextension.
- In the 'Extensions' tab under 'Extender', select 'Add'.
- Change the extension type to 'Python'.
- Provide the path of the file ‘Asset_Discover.py’ and click on 'Next'.
- Add a URL to the 'Scope' under the 'Target' tab. The extension will start identifying assets through passive scan.
A large portion of the base code has been taken from the following sources:
The project is available under MIT license, seeLICENSE file.
About
Burp Suite extension to discover assets from HTTP response.
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Releases
Packages0
Uh oh!
There was an error while loading.Please reload this page.
Contributors2
Uh oh!
There was an error while loading.Please reload this page.