Interesting @Burp_Suite extension (by @julianpentest) working with the collaborator to add from 200 to thousands of payloads to find OS command injection. Even reading the readme is very instructive! https://twitter.com/binitamshah/status/1011528746367504384
Burp Suite extensions I recommend (in no specific order): AutoRepeater, Content Type Converter, Param Miner, Request Minimizer, Backslash Powered Scanner, ActiveScan++, Taborator, Paramalyzer, Upload Scanner, Hackvertor, Piper, Request Timer, Logger++, Add Custom Header
Do you have any problem with creating a new account in some application due to the requirement of a business email (corp)? The solution is here: #Burp Collaborator. Create an account with [email protected] and look for the SMTP request at your client. #Security #bugbountytip #webapp
Need a quick way to request 1000s of URLs in Burp without crashing your browser?
cat yahoourls.txt| parallel -j 10 curl --proxy http://127.0.0.1:8080 -sk > /dev/null