├── settings.gradle
├── images
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── 6.png
├── 7.png
├── 8.png
├── 9.png
├── 10.png
├── 11.png
├── 12.png
├── 13.png
├── 14.png
├── path.png
├── Headers.png
├── MatchType.png
├── BurpBounty.jpg
├── tagsfeature.png
├── variations.png
├── Payloadoptions.png
├── insertionpointtype.png
└── BurpBounty_v3.0.3beta.png
├── main
├── resources
│ ├── Tabla.png
│ └── logo_free.png
└── java
│ ├── burp
│ ├── BurpBounty.jpg
│ ├── BurpExtender.java
│ ├── IScopeChangeListener.java
│ ├── IHttpRequestResponsePersisted.java
│ ├── IIntruderAttack.java
│ ├── ITempFile.java
│ ├── IExtensionStateListener.java
│ ├── IBurpExtender.java
│ ├── IScannerListener.java
│ ├── IHttpService.java
│ ├── ITab.java
│ ├── IMenuItemHandler.java
│ ├── IProxyListener.java
│ ├── IBurpCollaboratorInteraction.java
│ ├── IContextMenuFactory.java
│ ├── IScannerInsertionPointProvider.java
│ ├── IHttpListener.java
│ ├── IIntruderPayloadGeneratorFactory.java
│ ├── IMessageEditorTabFactory.java
│ ├── IIntruderPayloadProcessor.java
│ ├── IHttpRequestResponseWithMarkers.java
│ ├── IIntruderPayloadGenerator.java
│ ├── ICookie.java
│ ├── IMessageEditorController.java
│ └── IResponseKeywords.java
│ └── burpbountyfree
│ ├── logo_free.png
│ └── Headers.java
├── profiles
├── tags.txt
├── AccessToken.bb
├── EmailInput.bb
├── DirectoryListing.bb
├── AmazonAWS.bb
├── ServerBanner.bb
├── DefaultRDP.bb
├── Cache-Control.bb
├── X-Frame-Options.bb
├── AmazonAWSRequest.bb
├── ApiPath.bb
├── X-XSS-Protection.bb
├── ApiKeyResponse.bb
├── Content-Security-Policy.bb
├── AuthorizationBearerToken.bb
├── CookieAttrubute-Secure.bb
├── JWT-Request.bb
├── X-Content-Type-Options.bb
├── Strict-Transport-Security.bb
├── CookieAttrubute-HttpOnly.bb
├── CookieAttrubute-SameSite.bb
├── WeblogicServer-UDDI_Explorer.bb
├── JoomlaSQLi-com_artforms.bb
├── NuGet_Api_Key.bb
├── Joomla-ReflectedXSS.bb
├── OAuth2response.bb
├── Wordpress-SensitiveDirectories.bb
├── Octopus_API_Key.bb
├── Picatic_API_Key.bb
├── Joomla-ArbitraryFileUpload.bb
├── NoSQL_Session_Token.bb
├── Swagger_found.bb
├── ApiKeyRequest.bb
├── Bitcoin_Address.bb
├── ErrorPages-JobApps.bb
├── GitFinder.bb
├── Joomla-CVE-2015-7297.bb
├── Private_SSH_Key.bb
├── Mailto.bb
├── AWS_EC2_Url.bb
├── Gmail_Oauth_2.0.bb
├── StackHawk_API_Key.bb
├── Twitter_Client_ID.bb
├── AWS_Region.bb
├── AWS_Secret_Key.bb
├── Artifactory_API_Token.bb
├── Facebook_Client_ID.bb
├── GCP_Urls.bb
├── LinkedIn_Secret.bb
├── Outlook_Team.bb
├── Artifactory_Password.bb
├── Cloudinary_Basic_Auth.bb
├── Google_Drive_OAuth.bb
├── HockeyApp_Key.bb
├── CodeClimate_Key.bb
├── Env_Vars.bb
├── GCP_Service_Account.bb
├── LinkedIn_Client_ID.bb
├── Facebook_OAuth.bb
├── Google_Oauth.bb
├── Youtube_Channel_ID.bb
├── AWS_Client_Secret.bb
├── AWS_Creds_File.bb
├── Drupalgeddon.bb
├── Google_Cloud_Buckets.bb
├── SonarQube_API_Key_Docs.bb
├── Twitter_OAuth.bb
├── Basic_Auth_Credentials.bb
├── MAC_Address.bb
├── Paypal_Braintree_access_token.bb
├── Authorization_Bearer.bb
├── find-Tokens.bb
├── Android_WebView_JS.bb
├── Amazon_MWS_Auth_Token.bb
├── OAuth2.bb
├── US_SSN.bb
├── Heroku_OAuth_2.0.bb
├── OpenRedirectActive.bb
├── RoR CVE-2019-5418 WAF Bypass.bb
├── RoR_CVE-2019-5418_WAF_Bypass.bb
├── JWT.bb
├── Swagger-Finder.bb
├── WP_Config.bb
├── Azure_Blob_Discovered.bb
├── Google_Cloud_Platform_OAuth_2.0.bb
├── Cisco_ASA_Device_Found.bb
├── DigitalOcean_Space_Discovered.bb
├── CMSDetection.bb
├── JS_LinkFinder.bb
├── SecurityHeaders.bb
├── AWS_Access_Key_ID.bb
├── Amazon_AWS_S3_Url.bb
├── EndpointsExtractor.bb
├── CRLF-Attack.bb
├── Software_Version_revealed.bb
└── XSS - Akamai GHost bypass.bb
├── BappManifest.bmf
├── Changelog_3.0.5beta.md
├── BappDescription.html
└── Changelog_3.0.4beta.md
/settings.gradle:
--------------------------------------------------------------------------------
1 | rootProject.name = 'scan-check-builder'
2 |
--------------------------------------------------------------------------------
/images/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/1.png
--------------------------------------------------------------------------------
/images/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/2.png
--------------------------------------------------------------------------------
/images/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/3.png
--------------------------------------------------------------------------------
/images/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/4.png
--------------------------------------------------------------------------------
/images/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/5.png
--------------------------------------------------------------------------------
/images/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/6.png
--------------------------------------------------------------------------------
/images/7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/7.png
--------------------------------------------------------------------------------
/images/8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/8.png
--------------------------------------------------------------------------------
/images/9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/9.png
--------------------------------------------------------------------------------
/images/10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/10.png
--------------------------------------------------------------------------------
/images/11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/11.png
--------------------------------------------------------------------------------
/images/12.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/12.png
--------------------------------------------------------------------------------
/images/13.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/13.png
--------------------------------------------------------------------------------
/images/14.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/14.png
--------------------------------------------------------------------------------
/images/path.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/path.png
--------------------------------------------------------------------------------
/images/Headers.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/Headers.png
--------------------------------------------------------------------------------
/images/MatchType.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/MatchType.png
--------------------------------------------------------------------------------
/images/BurpBounty.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/BurpBounty.jpg
--------------------------------------------------------------------------------
/images/tagsfeature.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/tagsfeature.png
--------------------------------------------------------------------------------
/images/variations.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/variations.png
--------------------------------------------------------------------------------
/images/Payloadoptions.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/Payloadoptions.png
--------------------------------------------------------------------------------
/main/resources/Tabla.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/main/resources/Tabla.png
--------------------------------------------------------------------------------
/images/insertionpointtype.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/insertionpointtype.png
--------------------------------------------------------------------------------
/main/java/burp/BurpBounty.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/main/java/burp/BurpBounty.jpg
--------------------------------------------------------------------------------
/main/resources/logo_free.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/main/resources/logo_free.png
--------------------------------------------------------------------------------
/images/BurpBounty_v3.0.3beta.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/images/BurpBounty_v3.0.3beta.png
--------------------------------------------------------------------------------
/main/java/burpbountyfree/logo_free.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagiro/BurpBounty/HEAD/main/java/burpbountyfree/logo_free.png
--------------------------------------------------------------------------------
/main/java/burp/BurpExtender.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | import burpbountyfree.BurpBountyExtension;
4 |
5 | public class BurpExtender extends BurpBountyExtension {
6 | // Empty body: this class only supplies the name and package Burp looks for (a public class called BurpExtender in package burp with a no-argument constructor); everything else is inherited from BurpBountyExtension, which presumably provides the IBurpExtender implementation — confirm.
7 | }
--------------------------------------------------------------------------------
/profiles/tags.txt:
--------------------------------------------------------------------------------
1 | Collaborator
2 | PathTraversal
3 | RCE
4 | SQLi
5 | CookieAttributes
6 | SecurityHeaders
7 | XSS
8 | JWT
9 | CMS
10 | CVE
11 | Errors
12 | InformationDisclosure
13 | API
14 | SQLi
15 | XXE
16 | endpoints
17 | regex
18 | Variations
19 | Graphql
20 | Cloud
21 | All
22 | Mobile
23 |
--------------------------------------------------------------------------------
/BappManifest.bmf:
--------------------------------------------------------------------------------
1 | Uuid: 618f0b2489564607825e93eeed8b9e0a
2 | ExtensionType: 1
3 | Name: Burp Bounty, Scan Check Builder
4 | RepoName: scan-check-builder
5 | ScreenVersion: 4.0
6 | SerialVersion: 21
7 | MinPlatformVersion: 0
8 | ProOnly: True
9 | Author: Eduardo Garcia
10 | ShortDescription: Extend the Burp active and passive scanner by creating custom scan checks with an intuitive graphical interface.
11 | EntryPoint: build/libs/scan-check-builder-all.jar
12 | BuildCommand: gradle fatJar
13 |
--------------------------------------------------------------------------------
/Changelog_3.0.5beta.md:
--------------------------------------------------------------------------------
1 | # Improvements Burp Bounty 3.0.5beta:
2 |
3 | ### Choose insertion points type for one profile
4 | For better optimization, you can now choose the insertion point type for a profile. For example, to discover new application paths, you would choose only the "Path discover" insertion point type, avoiding other unnecessary requests.
5 |
6 |
7 | 
8 |
9 |
10 | ### Fixed error with redirections
11 |
12 | In some cases the regex used for redirections could cause 100% CPU usage.
13 |
--------------------------------------------------------------------------------
/main/java/burp/IScopeChangeListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScopeChangeListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerScopeChangeListener() to register
15 | * a scope change listener. The listener will be notified whenever a change
16 | * occurs to Burp's suite-wide target scope.
17 | */
18 | public interface IScopeChangeListener
19 | {
20 | /**
21 | * This method is invoked whenever a change occurs to Burp's suite-wide
22 | * target scope. The callback takes no arguments, so it carries no detail of what changed; a listener that caches scope decisions presumably has to re-evaluate them itself.
23 | */
24 | void scopeChanged();
25 | }
26 |
--------------------------------------------------------------------------------
/main/java/burp/IHttpRequestResponsePersisted.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpRequestResponsePersisted.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used for an
14 | * IHttpRequestResponse object whose request and response messages
15 | * have been saved to temporary files using
16 | * IBurpExtenderCallbacks.saveBuffersToTempFiles().
17 | */
18 | public interface IHttpRequestResponsePersisted extends IHttpRequestResponse
19 | {
20 | /**
21 | * This method is deprecated and no longer performs any action, so calling it does not remove the temporary files that hold the saved request and response; do not rely on it to clean up captured traffic.
22 | */
23 | @Deprecated
24 | void deleteTempFiles();
25 | }
26 |
--------------------------------------------------------------------------------
/main/java/burp/IIntruderAttack.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IIntruderAttack.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to hold details about an Intruder attack.
14 | */
15 | public interface IIntruderAttack
16 | {
17 | /**
18 | * This method is used to retrieve the HTTP service for the attack.
19 | *
20 | * @return The HTTP service for the attack.
21 | */
22 | IHttpService getHttpService();
23 |
24 | /**
25 | * This method is used to retrieve the request template for the attack.
26 | *
27 | * @return The request template for the attack.
28 | */
29 | byte[] getRequestTemplate();
30 |
31 | }
32 |
--------------------------------------------------------------------------------
/BappDescription.html:
--------------------------------------------------------------------------------
1 | This BurpSuite extension allows you, in a quick and simple way, to improve
2 | the active and passive BurpSuite scanner by means of personalized rules
3 | through a very intuitive graphical interface. Through an advanced search of
4 | patterns and an improvement of the payload to send, we can create our own
5 | issue profiles both in the active scanner and in the passive.
6 | 7 |* Usage manual: Wiki.
8 | 9 |* You can download profile from: Github.
10 | 11 |* Author's on Twitter: @BurpBounty @egarme
12 | 13 |* More information at: https://burpbounty.net
14 | 15 | 16 |* If you need more power, I invite you to try the new Burp Bounty Pro, which gives you more power and automation during your manual pentests.
17 | -------------------------------------------------------------------------------- /main/java/burp/ITempFile.java: -------------------------------------------------------------------------------- 1 | package burp; 2 | 3 | /* 4 | * @(#)ITempFile.java 5 | * 6 | * Copyright PortSwigger Ltd. All rights reserved. 7 | * 8 | * This code may be used to extend the functionality of Burp Suite Community Edition 9 | * and Burp Suite Professional, provided that this usage does not violate the 10 | * license terms for those products. 11 | */ 12 | /** 13 | * This interface is used to hold details of a temporary file that has been 14 | * created via a call to 15 | *IBurpExtenderCallbacks.saveToTempFile().
16 | *
17 | */
18 | public interface ITempFile
19 | {
20 | /**
21 | * This method is used to retrieve the contents of the buffer that was saved
22 | * in the temporary file.
23 | *
24 | * @return The contents of the buffer that was saved in the temporary file.
25 | */
26 | byte[] getBuffer();
27 |
28 | /**
29 | * This method is deprecated and no longer performs any action, so calling it does not delete the temporary file; do not rely on it to remove the saved buffer.
30 | */
31 | @Deprecated
32 | void delete();
33 | }
34 |
--------------------------------------------------------------------------------
/main/java/burpbountyfree/Headers.java:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2018 Eduardo Garcia Melia IBurpExtenderCallbacks.registerExtensionStateListener() to
15 | * register an extension state listener. The listener will be notified of
16 | * changes to the extension's state. Note: Any extensions that start
17 | * background threads or open system resources (such as files or database
18 | * connections) should register a listener and terminate threads / close
19 | * resources when the extension is unloaded.
20 | */
21 | public interface IExtensionStateListener
22 | {
23 | /**
24 | * This method is called when the extension is unloaded. Per the interface description, this is the point at which an extension should terminate its background threads and close any open system resources (such as files or database connections).
25 | */
26 | void extensionUnloaded();
27 | }
28 |
--------------------------------------------------------------------------------
/main/java/burp/IBurpExtender.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IBurpExtender.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * All extensions must implement this interface.
14 | *
15 | * Implementations must be called BurpExtender, in the package burp, must be
16 | * declared public, and must provide a default (public, no-argument)
17 | * constructor.
18 | */
19 | public interface IBurpExtender
20 | {
21 | /**
22 | * This method is invoked when the extension is loaded. It registers an
23 | * instance of the
24 | * IBurpExtenderCallbacks interface, providing methods that may
25 | * be invoked by the extension to perform various actions.
26 | *
27 | * @param callbacks An
28 | * IBurpExtenderCallbacks object.
29 | */
30 | void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks);
31 | }
32 |
--------------------------------------------------------------------------------
/main/java/burp/IScannerListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IScannerListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerScannerListener() to register a
15 | * Scanner listener. The listener will be notified of new issues that are
16 | * reported by the Scanner tool. Extensions can perform custom analysis or
17 | * logging of Scanner issues by registering a Scanner listener.
18 | */
19 | public interface IScannerListener
20 | {
21 | /**
22 | * This method is invoked when a new issue is added to Burp Scanner's
23 | * results.
24 | *
25 | * @param issue An
26 | * IScanIssue object that the extension can query to obtain
27 | * details about the new issue.
28 | */
29 | void newScanIssue(IScanIssue issue);
30 | }
31 |
--------------------------------------------------------------------------------
/main/java/burp/IHttpService.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpService.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used to provide details about an HTTP service, to which
14 | * HTTP requests can be sent.
15 | */
16 | public interface IHttpService
17 | {
18 | /**
19 | * This method returns the hostname or IP address for the service.
20 | *
21 | * @return The hostname or IP address for the service.
22 | */
23 | String getHost();
24 |
25 | /**
26 | * This method returns the port number for the service.
27 | *
28 | * @return The port number for the service.
29 | */
30 | int getPort();
31 |
32 | /**
33 | * This method returns the protocol for the service.
34 | *
35 | * @return The protocol for the service. Expected values are "http" or
36 | * "https".
37 | */
38 | String getProtocol();
39 | }
40 |
--------------------------------------------------------------------------------
/main/java/burp/ITab.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)ITab.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.awt.Component;
13 |
14 | /**
15 | * This interface is used to provide Burp with details of a custom tab that will
16 | * be added to Burp's UI, using a method such as
17 | * IBurpExtenderCallbacks.addSuiteTab().
18 | */
19 | public interface ITab
20 | {
21 | /**
22 | * Burp uses this method to obtain the caption that should appear on the
23 | * custom tab when it is displayed.
24 | *
25 | * @return The caption that should appear on the custom tab when it is
26 | * displayed.
27 | */
28 | String getTabCaption();
29 |
30 | /**
31 | * Burp uses this method to obtain the component that should be used as the
32 | * contents of the custom tab when it is displayed.
33 | *
34 | * @return The component that should be used as the contents of the custom
35 | * tab when it is displayed.
36 | */
37 | Component getUiComponent();
38 | }
39 |
--------------------------------------------------------------------------------
/main/java/burp/IMenuItemHandler.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMenuItemHandler.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerMenuItem() to register a custom
15 | * context menu item.
16 | *
17 | * @deprecated Use
18 | * IContextMenuFactory instead.
19 | */
20 | @Deprecated
21 | public interface IMenuItemHandler
22 | {
23 | /**
24 | * This method is invoked by Burp Suite when the user clicks on a custom
25 | * menu item which the extension has registered with Burp.
26 | *
27 | * @param menuItemCaption The caption of the menu item which was clicked.
28 | * This parameter enables extensions to provide a single implementation
29 | * which handles multiple different menu items.
30 | * @param messageInfo Details of the HTTP message(s) for which the context
31 | * menu was displayed.
32 | */
33 | void menuItemClicked(
34 | String menuItemCaption,
35 | IHttpRequestResponse[] messageInfo);
36 | }
37 |
--------------------------------------------------------------------------------
/main/java/burp/IProxyListener.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IProxyListener.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerProxyListener() to register a
15 | * Proxy listener. The listener will be notified of requests and responses being
16 | * processed by the Proxy tool. Extensions can perform custom analysis or
17 | * modification of these messages, and control in-UI message interception, by
18 | * registering a proxy listener.
19 | */
20 | public interface IProxyListener
21 | {
22 | /**
23 | * This method is invoked when an HTTP message is being processed by the
24 | * Proxy.
25 | *
26 | * @param messageIsRequest Indicates whether the HTTP message is a request
27 | * or a response.
28 | * @param message An
29 | * IInterceptedProxyMessage object that extensions can use to
30 | * query and update details of the message, and control whether the message
31 | * should be intercepted and displayed to the user for manual review or
32 | * modification.
33 | */
34 | void processProxyMessage(
35 | boolean messageIsRequest,
36 | IInterceptedProxyMessage message);
37 | }
38 |
--------------------------------------------------------------------------------
/main/java/burp/IBurpCollaboratorInteraction.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IBurpCollaboratorInteraction.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.Map;
13 |
14 | /**
15 | * This interface represents a network interaction that occurred with the Burp
16 | * Collaborator server.
17 | */
18 | public interface IBurpCollaboratorInteraction
19 | {
20 |
21 | /**
22 | * This method is used to retrieve a property of the interaction. Properties
23 | * of all interactions are: interaction_id, type, client_ip, and time_stamp.
24 | * Properties of DNS interactions are: query_type and raw_query. The
25 | * raw_query value is Base64-encoded. Properties of HTTP interactions are:
26 | * protocol, request, and response. The request and response values are
27 | * Base64-encoded.
28 | *
29 | * @param name The name of the property to retrieve.
30 | * @return A string representing the property value, or null if not present.
31 | */
32 | String getProperty(String name);
33 |
34 | /**
35 | * This method is used to retrieve a map containing all properties of the
36 | * interaction.
37 | *
38 | * @return A map containing all properties of the interaction.
39 | */
40 | MapIBurpExtenderCallbacks.registerContextMenuFactory() to register
19 | * a factory for custom context menu items.
20 | */
21 | public interface IContextMenuFactory
22 | {
23 | /**
24 | * This method will be called by Burp when the user invokes a context menu
25 | * anywhere within Burp. The factory can then provide any custom context
26 | * menu items that should be displayed in the context menu, based on the
27 | * details of the menu invocation.
28 | *
29 | * @param invocation An object that implements the
30 | * IContextMenuInvocation interface, which the extension can
31 | * query to obtain details of the context menu invocation.
32 | * @return A list of custom menu items (which may include sub-menus,
33 | * checkbox menu items, etc.) that should be displayed. Extensions may
34 | * return
35 | * null from this method, to indicate that no menu items are
36 | * required.
37 | */
38 | ListIBurpExtenderCallbacks.registerScannerInsertionPointProvider()
17 | * to register a factory for custom Scanner insertion points.
18 | */
19 | public interface IScannerInsertionPointProvider
20 | {
21 | /**
22 | * When a request is actively scanned, the Scanner will invoke this method,
23 | * and the provider should provide a list of custom insertion points that
24 | * will be used in the scan. Note: these insertion points are used in
25 | * addition to those that are derived from Burp Scanner's configuration, and
26 | * those provided by any other Burp extensions.
27 | *
28 | * @param baseRequestResponse The base request that will be actively
29 | * scanned.
30 | * @return A list of
31 | * IScannerInsertionPoint objects that should be used in the
32 | * scanning, or
33 | * null if no custom insertion points are applicable for this
34 | * request.
35 | */
36 | ListIBurpExtenderCallbacks.registerHttpListener() to register an
15 | * HTTP listener. The listener will be notified of requests and responses made
16 | * by any Burp tool. Extensions can perform custom analysis or modification of
17 | * these messages by registering an HTTP listener.
18 | */
19 | public interface IHttpListener
20 | {
21 | /**
22 | * This method is invoked when an HTTP request is about to be issued, and
23 | * when an HTTP response has been received. NOTE(review): the interface description says listeners are notified for any Burp tool, so an implementation that rewrites messages presumably needs to filter on toolFlag itself — confirm against the implementing class.
24 | *
25 | * @param toolFlag A flag indicating the Burp tool that issued the request.
26 | * Burp tool flags are defined in the
27 | * IBurpExtenderCallbacks interface.
28 | * @param messageIsRequest Flags whether the method is being invoked for a
29 | * request or response.
30 | * @param messageInfo Details of the request / response to be processed.
31 | * Extensions can call the setter methods on this object to update the
32 | * current message and so modify Burp's behavior.
33 | */
34 | void processHttpMessage(int toolFlag,
35 | boolean messageIsRequest,
36 | IHttpRequestResponse messageInfo);
37 | }
38 |
--------------------------------------------------------------------------------
/profiles/AmazonAWSRequest.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AmazonAWSRequest",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Name,s3..*amazonaws.com"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 0,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "AmazonAWS",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Amazon AWS found: \u003cbr\u003e\u003cgrep\u003e",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/main/java/burp/IIntruderPayloadGeneratorFactory.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IIntruderPayloadGeneratorFactory.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerIntruderPayloadGeneratorFactory()
15 | * to register a factory for custom Intruder payloads.
16 | */
17 | public interface IIntruderPayloadGeneratorFactory
18 | {
19 | /**
20 | * Returns the name Burp uses for this payload generator. The name is
21 | * displayed as an option within the Intruder UI when the user selects to
22 | * use extension-generated payloads.
23 | *
24 | * @return The name of the payload generator.
25 | */
26 | String getGeneratorName();
27 |
28 | /**
29 | * Called by Burp when the user starts an Intruder attack that uses this
30 | * payload generator.
31 | *
32 | * @param attack An {@code IIntruderAttack} object that can be queried to
33 | * obtain details about the attack in which the payload generator will be
34 | * used.
35 | * @return A new instance of {@code IIntruderPayloadGenerator} that will be
36 | * used to generate payloads for the attack.
37 | *
38 | */
39 | IIntruderPayloadGenerator createNewInstance(IIntruderAttack attack);
40 | }
41 |
--------------------------------------------------------------------------------
/profiles/ApiPath.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "ApiPath",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,/api/",
14 | "true,Or,All Request,Value,/internal_api"
15 | ],
16 | "Tags": [
17 | "API",
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": false,
30 | "IsContentType": false,
31 | "ContentType": "",
32 | "HttpResponseCode": "",
33 | "NegativeCT": false,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 0,
42 | "RedirType": 0,
43 | "MaxRedir": 0,
44 | "payloadPosition": 0,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "ApiPath",
48 | "IssueSeverity": "Information",
49 | "IssueConfidence": "Firm",
50 | "IssueDetail": "Api Path found",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [],
55 | "VariationAttributes": [],
56 | "InsertionPointType": [],
57 | "Scanas": false,
58 | "Scantype": 0,
59 | "pathDiscovery": false
60 | }
61 | ]
--------------------------------------------------------------------------------
/profiles/X-XSS-Protection.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "X-XSS-Protection",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,X-XSS-Protection: 1;"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": true,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": true,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 1,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "X-XSS-Protection",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Security Header \"X-XSS-Protection\" not present in response.",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/ApiKeyResponse.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "ApiKeyResponse",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,api_key",
14 | "true,Or,api-key",
15 | "true,Or,api key",
16 | "true,Or,apikey"
17 | ],
18 | "Tags": [
19 | "All"
20 | ],
21 | "PayloadResponse": false,
22 | "NotResponse": false,
23 | "TimeOut1": "",
24 | "TimeOut2": "",
25 | "isTime": false,
26 | "contentLength": "",
27 | "iscontentLength": false,
28 | "CaseSensitive": false,
29 | "ExcludeHTTP": false,
30 | "OnlyHTTP": false,
31 | "IsContentType": false,
32 | "ContentType": "",
33 | "HttpResponseCode": "",
34 | "NegativeCT": false,
35 | "IsResponseCode": false,
36 | "ResponseCode": "",
37 | "NegativeRC": false,
38 | "urlextension": "",
39 | "isurlextension": false,
40 | "NegativeUrlExtension": false,
41 | "MatchType": 1,
42 | "Scope": 2,
43 | "RedirType": 0,
44 | "MaxRedir": 0,
45 | "payloadPosition": 0,
46 | "payloadsFile": "",
47 | "grepsFile": "",
48 | "IssueName": "ApiKeyResponse",
49 | "IssueSeverity": "Information",
50 | "IssueConfidence": "Firm",
51 | "IssueDetail": "Api Key found",
52 | "RemediationDetail": "",
53 | "IssueBackground": "",
54 | "RemediationBackground": "",
55 | "Header": [],
56 | "VariationAttributes": [],
57 | "InsertionPointType": [],
58 | "Scanas": false,
59 | "Scantype": 0,
60 | "pathDiscovery": false
61 | }
62 | ]
--------------------------------------------------------------------------------
/profiles/Content-Security-Policy.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Content-Security-Policy",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,Content-Security-Policy"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": true,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 1,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Content-Security-Policy",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Security Header \"Content-Security-Policy\" not present in response.",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/AuthorizationBearerToken.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AuthorizationBearerToken",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,Authorization: Bearer"
14 | ],
15 | "Tags": [
16 | "JWT",
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": false,
30 | "ContentType": "",
31 | "HttpResponseCode": "",
32 | "NegativeCT": false,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 1,
40 | "Scope": 0,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "AuthorizationBearerToken",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Firm",
49 | "IssueDetail": "Authorization Bearer Token Found",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/CookieAttrubute-Secure.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "CookieAttrubute-Secure",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,set-cookie:\\s*(?!.*(secure)).*"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "CookieAttrubute-Secure",
46 | "IssueSeverity": "Low",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Cookie attribute \"secure\" not present: \u003cbr\u003e\u003cgrep\u003e\n\n",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/JWT-Request.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "JWT-Request",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@Sy3Omda",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Name,[\u003d ]eyJ[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*"
14 | ],
15 | "Tags": [
16 | "JWT",
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": true,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": false,
30 | "ContentType": "",
31 | "HttpResponseCode": "",
32 | "NegativeCT": false,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 0,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "JWT-Detected",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Firm",
49 | "IssueDetail": "JWT Detected: \u003cbr\u003e\u003cgrep\u003e",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/X-Content-Type-Options.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "X-Content-Type-Options",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,X-Content-Type-Options: nosniff"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": true,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": true,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 1,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "X-Content-Type-Options",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Security Header \"X-Content-Type-Options\" not present in response.",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Strict-Transport-Security.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Strict-Transport-Security",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,Strict-Transport-Security"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": true,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": true,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Strict-Transport-Security",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Security Header \"Strict-Transport-Security\" not present in response.",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/main/java/burp/IMessageEditorTabFactory.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMessageEditorTabFactory.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * IBurpExtenderCallbacks.registerMessageEditorTabFactory() to
15 | * register a factory for custom message editor tabs. This allows extensions to
16 | * provide custom rendering or editing of HTTP messages, within Burp's own HTTP
17 | * editor.
18 | */
19 | public interface IMessageEditorTabFactory
20 | {
21 | /**
22 | * Burp will call this method once for each HTTP message editor, and the
23 | * factory should provide a new instance of an {@code IMessageEditorTab}
24 | * object.
25 | *
26 | * @param controller An {@code IMessageEditorController} object, which the
27 | * new tab can query to retrieve details about the currently displayed
28 | * message. This may be {@code null} for extension-invoked message editors
29 | * where the extension has not provided an editor controller, so
30 | * implementations need to null-check it before querying it.
31 | * @param editable Indicates whether the hosting editor is editable or
32 | * read-only.
33 | * @return A new {@code IMessageEditorTab} object for use within the message
34 | * editor.
35 | */
36 | IMessageEditorTab createNewInstance(IMessageEditorController controller,
37 | boolean editable);
38 | }
39 |
--------------------------------------------------------------------------------
/profiles/CookieAttrubute-HttpOnly.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "CookieAttrubute-HttpOnly",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,set-cookie:\\s*(?!.*(httponly)).*"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "CookieAttrubute-HttpOnly",
46 | "IssueSeverity": "Low",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Cookie attribute \"HttpOnly\" not present: \u003cbr\u003e \u003cgrep\u003e",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/CookieAttrubute-SameSite.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "CookieAttrubute-SameSite",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,set-cookie:\\s*(?!.*(samesite)).*"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "CookieAttrubute-SameSite",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Cookie attribute \"SameSite\" not present: \u003cbr\u003e \u003cgrep\u003e",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/WeblogicServer-UDDI_Explorer.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "WeblogicServer-UDDI_Explorer",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,/uddiexplorer/searchpublicregistries.jsp"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 0,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "WeblogicServer-UDDI Explorer",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "https://www.exploit-db.com/ghdb/4991",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/JoomlaSQLi-com_artforms.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "JoomlaSQLi-com_artforms",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,index.php?option\u003dcom_artforms"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 0,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "JoomlaSQLi",
46 | "IssueSeverity": "High",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Joomla \"com_artforms\" component SQL Injection:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4386/",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/NuGet_Api_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "NuGet_Api_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,X-NuGet-ApiKey"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": true,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "NuGet Api Key",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Joomla-ReflectedXSS.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Joomla-ReflectedXSS",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,sendmessage.php?type\u003dskype"
14 | ],
15 | "Tags": [
16 | "XSS",
17 | "CMS",
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": false,
30 | "IsContentType": false,
31 | "ContentType": "",
32 | "HttpResponseCode": "",
33 | "NegativeCT": false,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 0,
42 | "RedirType": 0,
43 | "MaxRedir": 0,
44 | "payloadPosition": 0,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "Joomla-ReflectedXSS",
48 | "IssueSeverity": "Medium",
49 | "IssueConfidence": "Certain",
50 | "IssueDetail": "Joomla-ReflectedXSS:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4398/",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [],
55 | "VariationAttributes": [],
56 | "InsertionPointType": [],
57 | "Scanas": false,
58 | "Scantype": 0,
59 | "pathDiscovery": false
60 | }
61 | ]
--------------------------------------------------------------------------------
/profiles/OAuth2response.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "OAuth2response",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,response_type",
14 | "true,Or,client_id",
15 | "true,Or,grant_type",
16 | "true,Or,redirect_uri",
17 | "true,Or,oauth",
18 | "true,Or,oidc"
19 | ],
20 | "Tags": [
21 | "All"
22 | ],
23 | "PayloadResponse": false,
24 | "NotResponse": false,
25 | "TimeOut1": "",
26 | "TimeOut2": "",
27 | "isTime": false,
28 | "contentLength": "",
29 | "iscontentLength": false,
30 | "CaseSensitive": false,
31 | "ExcludeHTTP": false,
32 | "OnlyHTTP": false,
33 | "IsContentType": false,
34 | "ContentType": "",
35 | "HttpResponseCode": "",
36 | "NegativeCT": false,
37 | "IsResponseCode": false,
38 | "ResponseCode": "",
39 | "NegativeRC": false,
40 | "urlextension": "",
41 | "isurlextension": false,
42 | "NegativeUrlExtension": false,
43 | "MatchType": 1,
44 | "Scope": 2,
45 | "RedirType": 0,
46 | "MaxRedir": 0,
47 | "payloadPosition": 0,
48 | "payloadsFile": "",
49 | "grepsFile": "",
50 | "IssueName": "OAuth2",
51 | "IssueSeverity": "Information",
52 | "IssueConfidence": "Firm",
53 | "IssueDetail": "OAuth2 Found",
54 | "RemediationDetail": "",
55 | "IssueBackground": "",
56 | "RemediationBackground": "",
57 | "Header": [],
58 | "VariationAttributes": [],
59 | "InsertionPointType": [],
60 | "Scanas": false,
61 | "Scantype": 0,
62 | "pathDiscovery": false
63 | }
64 | ]
--------------------------------------------------------------------------------
/profiles/Wordpress-SensitiveDirectories.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Wordpress-SensitiveDirectories",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,/wp-content/uploads/wp-backup-plus/"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Wordpress-SensitiveDirectories",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Wordpress Sensitive Directories:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/5032/",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Octopus_API_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Octopus_API_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,X-Octopus-ApiKey"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": true,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "X-Octopus-ApiKey",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Picatic_API_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Picatic_API_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,sk_live_[0-9a-z]{32}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Picatic API Key",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Joomla-ArbitraryFileUpload.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Joomla-ArbitraryFileUpload",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,index.php?option\u003dcom_joomanager"
14 | ],
15 | "Tags": [
16 | "CMS",
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": false,
30 | "ContentType": "",
31 | "HttpResponseCode": "",
32 | "NegativeCT": false,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 1,
40 | "Scope": 0,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Joomla-ArbitraryFileUpload",
47 | "IssueSeverity": "High",
48 | "IssueConfidence": "Firm",
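49 | "IssueDetail": "Joomla Arbitrary File Upload: the request references the com_joomanager component. The match shows the component is addressed, not that the upload flaw is present; verify manually.\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4687/",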
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/NoSQL_Session_Token.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "NoSQL_Session_Token",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,_SessionToken"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "NoSQL Session Token",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Swagger_found.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Swagger_found",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,swagger-ui.html"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 1,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Swagger url found",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "Swagger url found",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/ApiKeyRequest.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "ApiKeyRequest",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,api_key",
14 | "true,Or,All Request,Value,api-key",
15 | "true,Or,All Request,Value,api key",
16 | "true,Or,All Request,Value,apikey"
17 | ],
18 | "Tags": [
19 | "API",
20 | "All"
21 | ],
22 | "PayloadResponse": false,
23 | "NotResponse": false,
24 | "TimeOut1": "",
25 | "TimeOut2": "",
26 | "isTime": false,
27 | "contentLength": "",
28 | "iscontentLength": false,
29 | "CaseSensitive": false,
30 | "ExcludeHTTP": false,
31 | "OnlyHTTP": false,
32 | "IsContentType": false,
33 | "ContentType": "",
34 | "HttpResponseCode": "",
35 | "NegativeCT": false,
36 | "IsResponseCode": false,
37 | "ResponseCode": "",
38 | "NegativeRC": false,
39 | "urlextension": "",
40 | "isurlextension": false,
41 | "NegativeUrlExtension": false,
42 | "MatchType": 1,
43 | "Scope": 0,
44 | "RedirType": 0,
45 | "MaxRedir": 0,
46 | "payloadPosition": 0,
47 | "payloadsFile": "",
48 | "grepsFile": "",
49 | "IssueName": "ApiKeyRequest",
50 | "IssueSeverity": "Information",
51 | "IssueConfidence": "Firm",
52 | "IssueDetail": "Api Key found",
53 | "RemediationDetail": "",
54 | "IssueBackground": "",
55 | "RemediationBackground": "",
56 | "Header": [],
57 | "VariationAttributes": [],
58 | "InsertionPointType": [],
59 | "Scanas": false,
60 | "Scantype": 0,
61 | "pathDiscovery": false
62 | }
63 | ]
--------------------------------------------------------------------------------
/profiles/Bitcoin_Address.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Bitcoin_Address",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39}$"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Bitcoin Address",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/ErrorPages-JobApps.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "ErrorPages-JobApps",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,syd_apply.cfm"
14 | ],
15 | "Tags": [
16 | "Errors",
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": false,
30 | "ContentType": "",
31 | "HttpResponseCode": "",
32 | "NegativeCT": false,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 1,
40 | "Scope": 0,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "ErrorPages-JobApps",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Firm",
49 | "IssueDetail": "Finds error pages for job applications, which can sometimes contain juicy information:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/5033/",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/GitFinder.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "GitFinder",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 1,
7 | "Author": "@egarme",
8 | "Payloads": [
9 | "true,/.git/HEAD"
10 | ],
11 | "Encoder": [],
12 | "UrlEncode": false,
13 | "CharsToUrlEncode": "",
14 | "Grep": [
15 | "true,,refs"
16 | ],
17 | "Tags": [
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": false,
30 | "IsContentType": true,
31 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
32 | "HttpResponseCode": "",
33 | "NegativeCT": true,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 0,
42 | "RedirType": 4,
43 | "MaxRedir": 5,
44 | "payloadPosition": 1,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "GitFinder",
48 | "IssueSeverity": "Low",
49 | "IssueConfidence": "Firm",
50 | "IssueDetail": "",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [],
55 | "VariationAttributes": [],
56 | "InsertionPointType": [
57 | 65
58 | ],
59 | "Scanas": false,
60 | "Scantype": 0,
61 | "pathDiscovery": false
62 | }
63 | ]
--------------------------------------------------------------------------------
/profiles/Joomla-CVE-2015-7297.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Joomla-CVE-2015-7297",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,powered by joomla 3.2",
14 | "true,Or,powered by joomla 3.3",
15 | "true,Or,powered by joomla 3.4"
16 | ],
17 | "Tags": [
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": false,
30 | "IsContentType": false,
31 | "ContentType": "",
32 | "HttpResponseCode": "",
33 | "NegativeCT": false,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 2,
42 | "RedirType": 0,
43 | "MaxRedir": 0,
44 | "payloadPosition": 0,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "Joomla-SQLi",
48 | "IssueSeverity": "High",
49 | "IssueConfidence": "Firm",
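50 | "IssueDetail": "Joomla SQLi - CVE-2015-7297: the grep matched a powered-by banner for Joomla 3.2, 3.3 or 3.4. This is a version match only; confirm the installed version and patch level before reporting it as vulnerable.\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4110/",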
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [],
55 | "VariationAttributes": [],
56 | "InsertionPointType": [],
57 | "Scanas": false,
58 | "Scantype": 0,
59 | "pathDiscovery": false
60 | }
61 | ]
--------------------------------------------------------------------------------
/profiles/Private_SSH_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Private_SSH_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,([-]+BEGIN [^\\s]+ PRIVATE KEY[-])"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Private SSH Key",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Mailto.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Mailto",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?\u003c\u003dmailto:)[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9.-]+"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Mailto",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/AWS_EC2_Url.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AWS_EC2_Url",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,ec2-[0-9-]+.cd-[a-z0-9-]+.compute.amazonaws.com"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "AWS EC2 Url detected",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Gmail_Oauth_2.0.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Gmail_Oauth_2.0",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Gmail Oauth 2.0",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/StackHawk_API_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "StackHawk_API_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,hawk\\.[0-9A-Za-z\\-_]{20}\\.[0-9A-Za-z\\-_]{20}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "StackHawk API Key",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Twitter_Client_ID.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Twitter_Client_ID",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)twitter(.{0,20})?[\u0027\\\"][0-9a-z]{18,25}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Twitter Client ID",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/AWS_Region.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AWS_Region",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\\d"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "AWS Region detected",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/AWS_Secret_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AWS_Secret_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)aws(.{0,20})?(?-i)[\u0027\\\"][0-9a-zA-Z\\/+]{40}[\u0027\\\"]"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "AWS Secret Key",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Artifactory_API_Token.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Artifactory_API_Token",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?:\\s|\u003d|:|\"|^)AKC[a-zA-Z0-9]{10,}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Artifactory API Token",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Facebook_Client_ID.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Facebook_Client_ID",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)(facebook|fb)(.{0,20})?[\u0027\\\"][0-9]{13,17}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Facebook client ID",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/GCP_Urls.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "GCP_Urls",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,.corp.google.com",
14 | "true,Or,.c.googlers.com"
15 | ],
16 | "Tags": [
17 | "Cloud",
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": false,
30 | "IsContentType": true,
31 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
32 | "HttpResponseCode": "",
33 | "NegativeCT": true,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 2,
42 | "RedirType": 0,
43 | "MaxRedir": 0,
44 | "payloadPosition": 0,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "GCP URLs found",
48 | "IssueSeverity": "Information",
49 | "IssueConfidence": "Certain",
50 | "IssueDetail": "",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [],
55 | "VariationAttributes": [],
56 | "InsertionPointType": [],
57 | "Scanas": false,
58 | "Scantype": 0,
59 | "pathDiscovery": false
60 | }
61 | ]
--------------------------------------------------------------------------------
/profiles/LinkedIn_Secret.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "LinkedIn_Secret",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)linkedin(.{0,20})?[\u0027\\\"][0-9a-z]{16}[\u0027\\\"]"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "LinkedIn Secret",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Outlook_Team.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Outlook_Team",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(https\\\\:\\/\\/outlook\\\\.office.com\\/webhook\\/[0-9a-f-]{36}\\\\@)"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Outlook Team",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Artifactory_Password.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Artifactory_Password",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?:\\s|\u003d|:|\"|^)AP[\\dABCDEF][a-zA-Z0-9]{8,}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Artifactory Password",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Cloudinary_Basic_Auth.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Cloudinary_Basic_Auth",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,cloudinary:\\/\\/[0-9]{15}:[0-9A-Za-z]+@[a-z]+"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Cloudinary Basic Auth",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Google_Drive_OAuth.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Google_Drive_OAuth",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Google Drive OAuth",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/HockeyApp_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "HockeyApp_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)hockey.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{32}(\\\\\\\"|\u0027|`)?"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "HockeyApp Key",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/CodeClimate_Key.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "CodeClimate_Key",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)codeclima.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{64}(\\\\\\\"|\u0027|`)?"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "CodeClimate Key",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Env_Vars.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Env_Vars",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)(apikey|secret|key|api|password|pass|pw|host)\u003d[0-9a-zA-Z-_.{}]{4,120}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Environment Variables",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/GCP_Service_Account.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "GCP_Service_Account",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,\\\"type\\\": \\\"service_account\\\""
14 | ],
15 | "Tags": [
16 | "Cloud",
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "GCP Service Account",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/LinkedIn_Client_ID.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "LinkedIn_Client_ID",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)linkedin(.{0,20})?(?-i)[\u0027\\\"][0-9a-z]{12}[\u0027\\\"]"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "LinkedIn Client ID",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Facebook_OAuth.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Facebook_OAuth",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*[\u0027|\\\"][0-9a-f]{32}[\u0027|\\\"]"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Facebook OAuth",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Google_Oauth.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Google_Oauth",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,^(ya29\\.[0-9A-Za-z\\-_]+)",
14 | "true,Or,[^a-zA-Z0-9](ya29\\.[0-9A-Za-z\\-_]+)"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Google OAuth",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/Youtube_Channel_ID.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Youtube_Channel_ID",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,https?:\\/\\/(www\\.)?youtube.com\\/channel\\/UC([-_a-z0-9]{22})"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "YouTube Channel ID",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/AWS_Client_Secret.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AWS_Client_Secret",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(SecretAccessKey|aws_secret_access_key)"
14 | ],
15 | "Tags": [
16 | "All",
17 | "Cloud"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "AWS Client Secret",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "AWS Client Secret",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/AWS_Creds_File.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AWS_Creds_File",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)(aws_access_key_id|aws_secret_access_key)(.{0,20})?\u003d.[0-9a-zA-Z\\/+]{20,40}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "AWS Credential Files",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Drupalgeddon.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Drupalgeddon",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,\\/user\\/register.*Powered by Drupal"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Drupalgeddon",
46 | "IssueSeverity": "High",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Possible Drupalgeddon 2 or 3:\u003cbr\u003e\n\n\u003cbr\u003ehttps://www.exploit-db.com/ghdb/4782/\n\n\u003cbr\u003ehttps://www.exploit-db.com/exploits/44482/\n\n\u003cbr\u003ehttps://www.exploit-db.com/exploits/44557/\n",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Google_Cloud_Buckets.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Google_Cloud_Buckets",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(\\.storage\\.googleapis\\.com)|(\\.storage\\.cloud\\.googleapis\\.com)"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Google Cloud Buckets",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/SonarQube_API_Key_Docs.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "SonarQube_API_Key_Docs",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)sonar.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{40}(\\\\\\\"|\u0027|`)?"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "SonarQube Api Key Docs",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Twitter_OAuth.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Twitter_OAuth",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}[\u0027\\\"\\\\s][0-9a-zA-Z]{35,44}[\u0027\\\"\\\\s]"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Twitter OAuth",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Basic_Auth_Credentials.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Basic_Auth_Credentials",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?\u003c\u003d:\\/\\/)[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\\.[a-zA-Z]+"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Basic Auth Credentials",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/MAC_Address.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "MAC_Address",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,^([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})",
14 | "true,Or,[^a-zA-Z0-9]([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "MAC Address",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/Paypal_Braintree_access_token.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Paypal_Braintree_access_token",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Paypal Braintree access token",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Authorization_Bearer.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Authorization_Bearer",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,bearer\\s*[a-zA-Z0-9_\\-\\.\u003d:_\\+\\/]+"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Authorization Bearer",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "Authorization Bearer",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/find-Tokens.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "find-Tokens",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@ayadi0x1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|\u003d)+"
14 | ],
15 | "Tags": [
16 | "token",
17 | "API",
18 | "regex",
19 | "InformationDisclosure",
20 | "All"
21 | ],
22 | "PayloadResponse": false,
23 | "NotResponse": false,
24 | "TimeOut1": "",
25 | "TimeOut2": "",
26 | "isTime": false,
27 | "contentLength": "",
28 | "iscontentLength": false,
29 | "CaseSensitive": false,
30 | "ExcludeHTTP": true,
31 | "OnlyHTTP": false,
32 | "IsContentType": false,
33 | "ContentType": "",
34 | "HttpResponseCode": "",
35 | "NegativeCT": false,
36 | "IsResponseCode": false,
37 | "ResponseCode": "",
38 | "NegativeRC": false,
39 | "urlextension": "",
40 | "isurlextension": false,
41 | "NegativeUrlExtension": false,
42 | "MatchType": 2,
43 | "Scope": 0,
44 | "RedirType": 0,
45 | "MaxRedir": 0,
46 | "payloadPosition": 0,
47 | "payloadsFile": "",
48 | "grepsFile": "",
49 | "IssueName": "Token Found",
50 | "IssueSeverity": "Medium",
51 | "IssueConfidence": "Firm",
52 | "IssueDetail": "api key - secrets - leaks found",
53 | "RemediationDetail": "",
54 | "IssueBackground": "",
55 | "RemediationBackground": "",
56 | "Header": [],
57 | "VariationAttributes": [],
58 | "InsertionPointType": [],
59 | "Scanas": false,
60 | "Scantype": 0,
61 | "pathDiscovery": false
62 | }
63 | ]
64 |
--------------------------------------------------------------------------------
/profiles/Android_WebView_JS.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Android_WebView_JS",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,setJavaScriptEnabled\\(true\\)"
14 | ],
15 | "Tags": [
16 | "All",
17 | "Mobile"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Possible Android Webview JS enabled",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "Possible Android Webview JS enabled",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/Amazon_MWS_Auth_Token.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Amazon_MWS_Auth_Token",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,amzn\\\\.mws\\\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "Amazon MWS auth token found",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "Amazon MWS auth token found",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/OAuth2.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "OAuth2",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 3,
7 | "Author": "@egarme",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,All Request,Value,response_type",
14 | "true,Or,All Request,Value,client_id",
15 | "true,Or,All Request,Value,grant_type",
16 | "true,Or,All Request,Value,redirect_uri",
17 | "true,Or,All Request,Value,oauth",
18 | "true,Or,All Request,Value,oidc"
19 | ],
20 | "Tags": [
21 | "JWT",
22 | "All"
23 | ],
24 | "PayloadResponse": false,
25 | "NotResponse": false,
26 | "TimeOut1": "",
27 | "TimeOut2": "",
28 | "isTime": false,
29 | "contentLength": "",
30 | "iscontentLength": false,
31 | "CaseSensitive": false,
32 | "ExcludeHTTP": false,
33 | "OnlyHTTP": false,
34 | "IsContentType": false,
35 | "ContentType": "",
36 | "HttpResponseCode": "",
37 | "NegativeCT": false,
38 | "IsResponseCode": false,
39 | "ResponseCode": "",
40 | "NegativeRC": false,
41 | "urlextension": "",
42 | "isurlextension": false,
43 | "NegativeUrlExtension": false,
44 | "MatchType": 1,
45 | "Scope": 0,
46 | "RedirType": 0,
47 | "MaxRedir": 0,
48 | "payloadPosition": 0,
49 | "payloadsFile": "",
50 | "grepsFile": "",
51 | "IssueName": "OAuth2",
52 | "IssueSeverity": "Information",
53 | "IssueConfidence": "Firm",
54 | "IssueDetail": "OAuth2 Found",
55 | "RemediationDetail": "",
56 | "IssueBackground": "",
57 | "RemediationBackground": "",
58 | "Header": [],
59 | "VariationAttributes": [],
60 | "InsertionPointType": [],
61 | "Scanas": false,
62 | "Scantype": 0,
63 | "pathDiscovery": false
64 | }
65 | ]
--------------------------------------------------------------------------------
/profiles/US_SSN.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "US_SSN",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,^((?!0{3})(?!6{3})[0-8]\\d{2}-(?!0{2})\\d{2}-(?!0{4})\\d{4})",
14 | "true,Or,[^a-zA-Z0-9]((?!0{3})(?!6{3})[0-8]\\d{2}-(?!0{2})\\d{2}-(?!0{4})\\d{4})"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "US SSN",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/Heroku_OAuth_2.0.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Heroku_OAuth_2.0",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,^(0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})",
14 | "true,Or,[^a-zA-Z0-9](0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Heroku OAuth 2.0",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/OpenRedirectActive.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "OpenRedirectActive",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 1,
7 | "Author": "@GochaOqradze",
8 | "Payloads": [
9 | "true,redirectx"
10 | ],
11 | "Encoder": [],
12 | "UrlEncode": false,
13 | "CharsToUrlEncode": "",
14 | "Grep": [
15 | "true,,\u003cmeta http-equiv\u003d\"refresh\".*redirectx\" /\u003e",
16 | "true,Or,window\\.location.*redirectx",
17 | "true,Or,Location:.*redirectx"
18 | ],
19 | "Tags": [
20 | "All"
21 | ],
22 | "PayloadResponse": false,
23 | "NotResponse": false,
24 | "TimeOut1": "",
25 | "TimeOut2": "",
26 | "isTime": false,
27 | "contentLength": "",
28 | "iscontentLength": false,
29 | "CaseSensitive": false,
30 | "ExcludeHTTP": false,
31 | "OnlyHTTP": false,
32 | "IsContentType": false,
33 | "ContentType": "",
34 | "HttpResponseCode": "",
35 | "NegativeCT": false,
36 | "IsResponseCode": false,
37 | "ResponseCode": "",
38 | "NegativeRC": false,
39 | "urlextension": "",
40 | "isurlextension": false,
41 | "NegativeUrlExtension": false,
42 | "MatchType": 2,
43 | "Scope": 0,
44 | "RedirType": 0,
45 | "MaxRedir": 0,
46 | "payloadPosition": 1,
47 | "payloadsFile": "",
48 | "grepsFile": "",
49 | "IssueName": "",
50 | "IssueSeverity": "",
51 | "IssueConfidence": "",
52 | "IssueDetail": "",
53 | "RemediationDetail": "",
54 | "IssueBackground": "",
55 | "RemediationBackground": "",
56 | "Header": [],
57 | "VariationAttributes": [],
58 | "InsertionPointType": [
59 | 65,
60 | 36,
61 | 1,
62 | 6,
63 | 5,
64 | 64,
65 | 0,
66 | 3
67 | ],
68 | "Scanas": false,
69 | "Scantype": 0,
70 | "pathDiscovery": false
71 | }
72 | ]
--------------------------------------------------------------------------------
/profiles/RoR CVE-2019-5418 WAF Bypass.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "RoR CVE-2019-5418 WAF Bypass",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 1,
7 | "Author": "@egarme",
8 | "Payloads": [
9 | "true,/"
10 | ],
11 | "Encoder": [],
12 | "UrlEncode": false,
13 | "CharsToUrlEncode": "",
14 | "Grep": [
15 | "true,,root:x"
16 | ],
17 | "Tags": [
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": false,
30 | "IsContentType": false,
31 | "ContentType": "",
32 | "HttpResponseCode": "",
33 | "NegativeCT": false,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 0,
42 | "RedirType": 4,
43 | "MaxRedir": 3,
44 | "payloadPosition": 1,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "Ruby on Rails CVE-2019-5418",
48 | "IssueSeverity": "High",
49 | "IssueConfidence": "Certain",
50 | "IssueDetail": "",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [
55 | {
56 | "type": "Request",
57 | "match": "Accept: .*",
58 | "replace": "Accept: ../../../../../../../../e*c/p*ss*d{{",
59 | "regex": "Regex"
60 | }
61 | ],
62 | "VariationAttributes": [],
63 | "InsertionPointType": [
64 | 65
65 | ],
66 | "Scanas": false,
67 | "Scantype": 0,
68 | "pathDiscovery": false
69 | }
70 | ]
--------------------------------------------------------------------------------
/profiles/RoR_CVE-2019-5418_WAF_Bypass.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "RoR_CVE-2019-5418_WAF_Bypass",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 1,
7 | "Author": "@egarme",
8 | "Payloads": [
9 | "true,/"
10 | ],
11 | "Encoder": [],
12 | "UrlEncode": false,
13 | "CharsToUrlEncode": "",
14 | "Grep": [
15 | "true,,root:x"
16 | ],
17 | "Tags": [
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": false,
30 | "IsContentType": false,
31 | "ContentType": "",
32 | "HttpResponseCode": "",
33 | "NegativeCT": false,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 0,
42 | "RedirType": 4,
43 | "MaxRedir": 3,
44 | "payloadPosition": 1,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "Ruby on Rails CVE-2019-5418",
48 | "IssueSeverity": "High",
49 | "IssueConfidence": "Certain",
50 | "IssueDetail": "",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [
55 | {
56 | "type": "Request",
57 | "match": "Accept: .*",
58 | "replace": "Accept: ../../../../../../../../e*c/p*ss*d{{",
59 | "regex": "Regex"
60 | }
61 | ],
62 | "VariationAttributes": [],
63 | "InsertionPointType": [
64 | 65
65 | ],
66 | "Scanas": false,
67 | "Scantype": 0,
68 | "pathDiscovery": false
69 | }
70 | ]
--------------------------------------------------------------------------------
/profiles/JWT.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "JWT",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,^(ey[A-Za-z0-9_-]*\\.[A-Za-z0-9._-]*|ey[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*)",
14 | "true,Or,[^a-zA-Z0-9](ey[A-Za-z0-9_-]*\\.[A-Za-z0-9._-]*|ey[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*)"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "JWT",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/Swagger-Finder.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Swagger-Finder",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 1,
7 | "Author": "@egarme",
8 | "Payloads": [
9 | "true,/swagger-ui.html",
10 | "true,/swagger/swagger-ui.html",
11 | "true,/api/swagger-ui.html",
12 | "true,/swagger/index.html",
13 | "true,/v1.0/swagger-ui.html",
14 | "true,/v2.0/swagger-ui.html",
15 | "true,/v3.0/swagger-ui.html"
16 | ],
17 | "Encoder": [],
18 | "UrlEncode": false,
19 | "CharsToUrlEncode": "",
20 | "Grep": [
21 | "true,,id\u003d\"swagger"
22 | ],
23 | "Tags": [
24 | "All"
25 | ],
26 | "PayloadResponse": false,
27 | "NotResponse": false,
28 | "TimeOut1": "",
29 | "TimeOut2": "",
30 | "isTime": false,
31 | "contentLength": "",
32 | "iscontentLength": false,
33 | "CaseSensitive": false,
34 | "ExcludeHTTP": false,
35 | "OnlyHTTP": false,
36 | "IsContentType": false,
37 | "ContentType": "",
38 | "HttpResponseCode": "",
39 | "NegativeCT": false,
40 | "IsResponseCode": false,
41 | "ResponseCode": "",
42 | "NegativeRC": false,
43 | "urlextension": "",
44 | "isurlextension": false,
45 | "NegativeUrlExtension": false,
46 | "MatchType": 1,
47 | "Scope": 0,
48 | "RedirType": 4,
49 | "MaxRedir": 5,
50 | "payloadPosition": 1,
51 | "payloadsFile": "",
52 | "grepsFile": "",
53 | "IssueName": "Swagger-Finder",
54 | "IssueSeverity": "Low",
55 | "IssueConfidence": "Firm",
56 | "IssueDetail": "",
57 | "RemediationDetail": "",
58 | "IssueBackground": "",
59 | "RemediationBackground": "",
60 | "Header": [],
61 | "VariationAttributes": [],
62 | "InsertionPointType": [
63 | 65
64 | ],
65 | "Scanas": false,
66 | "Scantype": 0,
67 | "pathDiscovery": false
68 | }
69 | ]
--------------------------------------------------------------------------------
/profiles/WP_Config.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "WP_Config",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,define(.{0,20})?(DB_CHARSET|NONCE_SALT|LOGGED_IN_SALT|AUTH_SALT|NONCE_KEY|DB_HOST|DB_PASSWORD|AUTH_KEY|SECURE_AUTH_KEY|LOGGED_IN_KEY|DB_NAME|DB_USER)(.{0,20})?[\u0027|\"].{10,120}[\u0027|\"]"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "WP Config",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/Azure_Blob_Discovered.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Azure_Blob_Discovered",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,http(?:s):\\/\\/.[^\u003e\u003c\\\u0027\\\" \\n\\)]+.blob.core.windows.net\\/.[^\u003e\u003c\\\u0027\\\" \\n\\/)]+.\\/"
14 | ],
15 | "Tags": [
16 | "All",
17 | "Cloud"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Azure Blob Url detected",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "Azure Blob Url detected",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/Google_Cloud_Platform_OAuth_2.0.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Google_Cloud_Platform_OAuth_2.0",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})",
14 | "true,Or,[^a-zA-Z0-9]([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Google Cloud Platform OAuth 2.0",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/Cisco_ASA_Device_Found.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Cisco_ASA_Device_Found",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,+CSCOE+",
14 | "true,Or,+CSCOT+"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 1,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Cisco ASA Device Found (Passive)",
47 | "IssueSeverity": "Low",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "Cisco ASA Device Found (Passive)",
50 | "RemediationDetail": "Cisco ASA Device Found (Passive)",
51 | "IssueBackground": "Cisco ASA Device Found (Passive)",
52 | "RemediationBackground": "Cisco ASA Device Found (Passive)",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/DigitalOcean_Space_Discovered.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "DigitalOcean_Space_Discovered",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,http(?:s)://[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.digitaloceanspaces.com"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": false,
27 | "OnlyHTTP": false,
28 | "IsContentType": true,
29 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
30 | "HttpResponseCode": "",
31 | "NegativeCT": true,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "DigitalOcean Space Discovered",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Certain",
48 | "IssueDetail": "",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/main/java/burp/IIntruderPayloadProcessor.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IIntruderPayloadProcessor.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * Extensions can implement this interface and then call
14 | * {@code IBurpExtenderCallbacks.registerIntruderPayloadProcessor()} to
15 | * register a custom Intruder payload processor.
16 | */
17 | public interface IIntruderPayloadProcessor
18 | {
19 | /**
20 | * This method is used by Burp to obtain the name of the payload processor.
21 | * This will be displayed as an option within the Intruder UI when the user
22 | * selects to use an extension-provided payload processor.
23 | *
24 | * @return The name of the payload processor.
25 | */
26 | String getProcessorName();
27 |
28 | /**
29 | * This method is invoked by Burp each time the processor should be applied
30 | * to an Intruder payload. All three arguments and the result are raw bytes, not strings.
31 | *
32 | * @param currentPayload The value of the payload to be processed.
33 | * @param originalPayload The value of the original payload prior to
34 | * processing by any already-applied processing rules.
35 | * @param baseValue The base value of the payload position, which will be
36 | * replaced with the current payload. NOTE(review): nullability is not stated here; presumably implementations should null-check — confirm.
37 | * @return The value of the processed payload. This may be
38 | * {@code null} to indicate that the current payload should be skipped,
39 | * and the attack will move directly to the next payload.
40 | */
41 | byte[] processPayload(
42 | byte[] currentPayload,
43 | byte[] originalPayload,
44 | byte[] baseValue);
45 | }
46 |
--------------------------------------------------------------------------------
/main/java/burp/IHttpRequestResponseWithMarkers.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IHttpRequestResponseWithMarkers.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.List;
13 |
14 | /**
15 | * This interface is used for an
16 | * IHttpRequestResponse object that has had markers applied.
17 | * Extensions can create instances of this interface using
18 | * IBurpExtenderCallbacks.applyMarkers(), or provide their own
19 | * implementation. Markers are used in various situations, such as specifying
20 | * Intruder payload positions, Scanner insertion points, and highlights in
21 | * Scanner issues.
22 | */
23 | public interface IHttpRequestResponseWithMarkers extends IHttpRequestResponse
24 | {
25 | /**
26 | * This method returns the details of the request markers.
27 | *
28 | * @return A list of index pairs representing the offsets of markers for the
29 | * request message. Each item in the list is an int[2] array containing the
30 | * start and end offsets for the marker. The method may return
31 | * null if no request markers are defined.
32 | */
33 | Listnull if no response markers are defined.
42 | */
43 | ListIIntruderPayloadGeneratorFactory must return a new instance of
16 | * this interface when required as part of a new Intruder attack.
17 | */
18 | public interface IIntruderPayloadGenerator
19 | {
20 | /**
21 | * This method is used by Burp to determine whether the payload generator is
22 | * able to provide any further payloads.
23 | *
24 | * @return Extensions should return
25 | * {@code false} when all the available payloads have been used up,
26 | * otherwise
27 | * {@code true}.
28 | */
29 | boolean hasMorePayloads();
30 |
31 | /**
32 | * This method is used by Burp to obtain the value of the next payload.
33 | *
34 | * @param baseValue The base value of the current payload position. This
35 | * value may be
36 | * {@code null} if the concept of a base value is not applicable (e.g.
37 | * in a battering ram attack), so implementations must null-check it before use.
38 | * @return The next payload to use in the attack.
39 | */
40 | byte[] getNextPayload(byte[] baseValue);
41 |
42 | /**
43 | * This method is used by Burp to reset the state of the payload generator
44 | * so that the next call to
45 | * {@code getNextPayload()} returns the first payload again. This
46 | * method will be invoked when an attack uses the same payload generator for
47 | * more than one payload position, for example in a sniper attack.
48 | */
49 | void reset();
50 | }
51 |
--------------------------------------------------------------------------------
/main/java/burp/ICookie.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)ICookie.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.Date;
13 |
14 | /**
15 | * This interface is used to hold details about an HTTP cookie.
16 | */
17 | public interface ICookie
18 | {
19 | /**
20 | * This method is used to retrieve the domain for which the cookie is in
21 | * scope.
22 | *
23 | * @return The domain for which the cookie is in scope. Note: For
24 | * cookies that have been analyzed from responses (by calling
25 | * {@code IExtensionHelpers.analyzeResponse()} and then
26 | * {@code IResponseInfo.getCookies()}), the domain will be
27 | * {@code null} if the response did not explicitly set a domain
28 | * attribute for the cookie. Callers should handle {@code null} explicitly rather than treating it as a wildcard scope.
29 | */
30 | String getDomain();
31 |
32 | /**
33 | * This method is used to retrieve the path for which the cookie is in
34 | * scope.
35 | *
36 | * @return The path for which the cookie is in scope or {@code null} if none is set.
37 | */
38 | String getPath();
39 |
40 | /**
41 | * This method is used to retrieve the expiration time for the cookie.
42 | *
43 | * @return The expiration time for the cookie, or
44 | * {@code null} if none is set (i.e., for non-persistent session
45 | * cookies).
46 | */
47 | Date getExpiration();
48 |
49 | /**
50 | * This method is used to retrieve the name of the cookie.
51 | *
52 | * @return The name of the cookie.
53 | */
54 | String getName();
55 |
56 | /**
57 | * This method is used to retrieve the value of the cookie.
58 | * @return The value of the cookie. NOTE(review): session and authentication cookie values are credentials; avoid writing them to logs or issue text.
59 | */
60 | String getValue();
61 | }
62 |
--------------------------------------------------------------------------------
/main/java/burp/IMessageEditorController.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IMessageEditorController.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | /**
13 | * This interface is used by an
14 | * {@code IMessageEditor} to obtain details about the currently displayed
15 | * message. Extensions that create instances of Burp's HTTP message editor can
16 | * optionally provide an implementation of
17 | * {@code IMessageEditorController}, which the editor will invoke when it
18 | * requires further information about the current message (for example, to send
19 | * it to another Burp tool). Extensions that provide custom editor tabs via an
20 | * {@code IMessageEditorTabFactory} will receive a reference to an
21 | * {@code IMessageEditorController} object for each tab instance they
22 | * generate, which the tab can invoke if it requires further information about
23 | * the current message.
24 | */
25 | public interface IMessageEditorController
26 | {
27 | /**
28 | * This method is used to retrieve the HTTP service for the current message.
29 | *
30 | * @return The HTTP service for the current message. NOTE(review): nullability is not stated here — confirm before dereferencing.
31 | */
32 | IHttpService getHttpService();
33 |
34 | /**
35 | * This method is used to retrieve the HTTP request associated with the
36 | * current message (which may itself be a response).
37 | *
38 | * @return The HTTP request associated with the current message, as raw bytes. NOTE(review): nullability is not stated here — confirm.
39 | */
40 | byte[] getRequest();
41 |
42 | /**
43 | * This method is used to retrieve the HTTP response associated with the
44 | * current message (which may itself be a request).
45 | *
46 | * @return The HTTP response associated with the current message, as raw bytes. NOTE(review): nullability is not stated here — confirm.
47 | */
48 | byte[] getResponse();
49 | }
50 |
--------------------------------------------------------------------------------
/profiles/AWS_Access_Key_ID.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "AWS_Access_Key_ID",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,[^a-zA-Z0-9](AKIA[a-zA-Z0-9]{16})",
14 | "true,Or,(AccessKeyId|aws_access_key_id)",
15 | "true,Or,^(AKIA[a-zA-Z0-9]{16})",
16 | "true,Or,^((A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})",
17 | "true,Or,[^a-zA-Z0-9]((A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})"
18 | ],
19 | "Tags": [
20 | "All",
21 | "Cloud"
22 | ],
23 | "PayloadResponse": false,
24 | "NotResponse": false,
25 | "TimeOut1": "",
26 | "TimeOut2": "",
27 | "isTime": false,
28 | "contentLength": "",
29 | "iscontentLength": false,
30 | "CaseSensitive": false,
31 | "ExcludeHTTP": false,
32 | "OnlyHTTP": false,
33 | "IsContentType": true,
34 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
35 | "HttpResponseCode": "",
36 | "NegativeCT": true,
37 | "IsResponseCode": false,
38 | "ResponseCode": "",
39 | "NegativeRC": false,
40 | "urlextension": "",
41 | "isurlextension": false,
42 | "NegativeUrlExtension": false,
43 | "MatchType": 2,
44 | "Scope": 2,
45 | "RedirType": 0,
46 | "MaxRedir": 0,
47 | "payloadPosition": 0,
48 | "payloadsFile": "",
49 | "grepsFile": "",
50 | "IssueName": "AWS Access Key ID",
51 | "IssueSeverity": "Information",
52 | "IssueConfidence": "Certain",
53 | "IssueDetail": "",
54 | "RemediationDetail": "",
55 | "IssueBackground": "",
56 | "RemediationBackground": "",
57 | "Header": [],
58 | "VariationAttributes": [],
59 | "InsertionPointType": [],
60 | "Scanas": false,
61 | "Scantype": 0,
62 | "pathDiscovery": false
63 | }
64 | ]
--------------------------------------------------------------------------------
/profiles/Amazon_AWS_S3_Url.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Amazon_AWS_S3_Url",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,[a-zA-Z0-9-\\.\\_]+\\.s3\\.amazonaws\\.com",
14 | "true,Or,s3:\\/\\/[a-zA-Z0-9-\\.\\_]+",
15 | "true,Or,s3.amazonaws.com\\/[a-zA-Z0-9-\\.\\_]+",
16 | "true,Or,s3.console.aws.amazon.com\\/s3\\/buckets\\/[a-zA-Z0-9-\\.\\_]+",
17 | "true,Or,s3\\\\.amazonaws.com[/]+|[a-zA-Z0-9_-]*\\\\.s3\\\\.amazonaws.com"
18 | ],
19 | "Tags": [
20 | "Cloud",
21 | "All"
22 | ],
23 | "PayloadResponse": false,
24 | "NotResponse": false,
25 | "TimeOut1": "",
26 | "TimeOut2": "",
27 | "isTime": false,
28 | "contentLength": "",
29 | "iscontentLength": false,
30 | "CaseSensitive": false,
31 | "ExcludeHTTP": false,
32 | "OnlyHTTP": false,
33 | "IsContentType": true,
34 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
35 | "HttpResponseCode": "",
36 | "NegativeCT": true,
37 | "IsResponseCode": false,
38 | "ResponseCode": "",
39 | "NegativeRC": false,
40 | "urlextension": "",
41 | "isurlextension": false,
42 | "NegativeUrlExtension": false,
43 | "MatchType": 2,
44 | "Scope": 2,
45 | "RedirType": 0,
46 | "MaxRedir": 0,
47 | "payloadPosition": 0,
48 | "payloadsFile": "",
49 | "grepsFile": "",
50 | "IssueName": "AWS Url Detected",
51 | "IssueSeverity": "Information",
52 | "IssueConfidence": "Certain",
53 | "IssueDetail": "",
54 | "RemediationDetail": "",
55 | "IssueBackground": "",
56 | "RemediationBackground": "",
57 | "Header": [],
58 | "VariationAttributes": [],
59 | "InsertionPointType": [],
60 | "Scanas": false,
61 | "Scantype": 0,
62 | "pathDiscovery": false
63 | }
64 | ]
--------------------------------------------------------------------------------
/profiles/EndpointsExtractor.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "EndpointsExtractor",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@GochaOqradze",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "false,,}\\.[a-zA-Z]{2,}[^\"\u0027]{0,})|((?:/|\\.\\./|\\./)[^\"\u0027\u003e\u003c,;| *()(%%$^/\\\\\\[\\]][^\"\u0027\u003e\u003c,;|()]{1,})|([a-zA-Z0-9_\\-/]{1,}/[a-zA-Z0-9_\\-/]{1,}\\.(?:[a-zA-Z]{1,4}|action)(?:[\\?|/][^\"|\u0027]{0,}|))|([a-zA-Z0-9_\\-]{1,}\\.(?:php|asp|aspx|jsp|json|action|html|js|txt|xml)(?:\\?[^\"|\u0027]{0,}|)))(?:\"|\u0027)"
14 | ],
15 | "Tags": [
16 | "All"
17 | ],
18 | "PayloadResponse": false,
19 | "NotResponse": false,
20 | "TimeOut1": "",
21 | "TimeOut2": "",
22 | "isTime": false,
23 | "contentLength": "",
24 | "iscontentLength": false,
25 | "CaseSensitive": false,
26 | "ExcludeHTTP": true,
27 | "OnlyHTTP": false,
28 | "IsContentType": false,
29 | "ContentType": "",
30 | "HttpResponseCode": "",
31 | "NegativeCT": false,
32 | "IsResponseCode": false,
33 | "ResponseCode": "",
34 | "NegativeRC": false,
35 | "urlextension": "",
36 | "isurlextension": false,
37 | "NegativeUrlExtension": false,
38 | "MatchType": 2,
39 | "Scope": 2,
40 | "RedirType": 0,
41 | "MaxRedir": 0,
42 | "payloadPosition": 0,
43 | "payloadsFile": "",
44 | "grepsFile": "",
45 | "IssueName": "EndpointsExtractor",
46 | "IssueSeverity": "Information",
47 | "IssueConfidence": "Firm",
48 | "IssueDetail": "Regex by Gerben_Javado : \n\u003cbr\u003ehttps://github.com/GerbenJavado/LinkFinder/blob/master/linkfinder.py\n\n\u003cbr\u003e\u003cbr\u003eEndpoints: \u003cbr\u003e\u003cgrep\u003e",
49 | "RemediationDetail": "",
50 | "IssueBackground": "",
51 | "RemediationBackground": "",
52 | "Header": [],
53 | "VariationAttributes": [],
54 | "InsertionPointType": [],
55 | "Scanas": false,
56 | "Scantype": 0,
57 | "pathDiscovery": false
58 | }
59 | ]
--------------------------------------------------------------------------------
/profiles/CRLF-Attack.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "CRLF-Attack",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 1,
7 | "Author": "@egarme",
8 | "Payloads": [
9 | "true,%0D%0ASet-Cookie:%20mycookie\u003dmyvalue"
10 | ],
11 | "Encoder": [],
12 | "UrlEncode": false,
13 | "CharsToUrlEncode": "",
14 | "Grep": [
15 | "true,, ^Set-Cookie:\\smycookie\u003dmyvalue"
16 | ],
17 | "Tags": [
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": false,
29 | "OnlyHTTP": true,
30 | "IsContentType": false,
31 | "ContentType": "",
32 | "HttpResponseCode": "",
33 | "NegativeCT": false,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 0,
42 | "RedirType": 3,
43 | "MaxRedir": 3,
44 | "payloadPosition": 1,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "CRLF-Attack",
48 | "IssueSeverity": "Medium",
49 | "IssueConfidence": "Certain",
50 | "IssueDetail": "",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [],
55 | "VariationAttributes": [],
56 | "InsertionPointType": [
57 | 18,
58 | 65,
59 | 32,
60 | 36,
61 | 7,
62 | 1,
63 | 2,
64 | 6,
65 | 33,
66 | 5,
67 | 35,
68 | 34,
69 | 64,
70 | 0,
71 | 3,
72 | 4,
73 | 37,
74 | 127,
75 | 65,
76 | 32,
77 | 36,
78 | 7,
79 | 1,
80 | 2,
81 | 6,
82 | 33,
83 | 5,
84 | 35,
85 | 34,
86 | 64,
87 | 0,
88 | 3,
89 | 4,
90 | 37,
91 | 127
92 | ],
93 | "Scanas": false,
94 | "Scantype": 0,
95 | "pathDiscovery": false
96 | }
97 | ]
--------------------------------------------------------------------------------
/main/java/burp/IResponseKeywords.java:
--------------------------------------------------------------------------------
1 | package burp;
2 |
3 | /*
4 | * @(#)IResponseKeywords.java
5 | *
6 | * Copyright PortSwigger Ltd. All rights reserved.
7 | *
8 | * This code may be used to extend the functionality of Burp Suite Community Edition
9 | * and Burp Suite Professional, provided that this usage does not violate the
10 | * license terms for those products.
11 | */
12 | import java.util.List;
13 |
14 | /**
15 | * This interface is used to represent the counts of keywords appearing in a
16 | * number of HTTP responses.
17 | */
18 | public interface IResponseKeywords
19 | {
20 |
21 | /**
22 | * This method is used to obtain the list of keywords whose counts vary
23 | * between the analyzed responses.
24 | *
25 | * @return The keywords whose counts vary between the analyzed responses.
26 | */
27 | ListIExtensionHelpers.analyzeResponseKeywords() and
46 | * IResponseKeywords.updateWith() methods.
47 | * @return The number of occurrences of the specified keyword for the
48 | * specified response.
49 | */
50 | int getKeywordCount(String keyword, int responseIndex);
51 |
52 | /**
53 | * This method is used to update the analysis based on additional responses.
54 | *
55 | * @param responses The new responses to include in the analysis, passed as varargs with one {@code byte[]} per response.
56 | */
57 | void updateWith(byte[]... responses);
58 | }
59 |
--------------------------------------------------------------------------------
/profiles/Software_Version_revealed.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "Software_Version_revealed",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 2,
7 | "Author": "@six2dez1",
8 | "Payloads": [],
9 | "Encoder": [],
10 | "UrlEncode": false,
11 | "CharsToUrlEncode": "",
12 | "Grep": [
13 | "true,,(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?",
14 | "true,Or,(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)(?:-((?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?"
15 | ],
16 | "Tags": [
17 | "All"
18 | ],
19 | "PayloadResponse": false,
20 | "NotResponse": false,
21 | "TimeOut1": "",
22 | "TimeOut2": "",
23 | "isTime": false,
24 | "contentLength": "",
25 | "iscontentLength": false,
26 | "CaseSensitive": false,
27 | "ExcludeHTTP": false,
28 | "OnlyHTTP": false,
29 | "IsContentType": true,
30 | "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2",
31 | "HttpResponseCode": "",
32 | "NegativeCT": true,
33 | "IsResponseCode": false,
34 | "ResponseCode": "",
35 | "NegativeRC": false,
36 | "urlextension": "",
37 | "isurlextension": false,
38 | "NegativeUrlExtension": false,
39 | "MatchType": 2,
40 | "Scope": 2,
41 | "RedirType": 0,
42 | "MaxRedir": 0,
43 | "payloadPosition": 0,
44 | "payloadsFile": "",
45 | "grepsFile": "",
46 | "IssueName": "Software Version revealed",
47 | "IssueSeverity": "Information",
48 | "IssueConfidence": "Certain",
49 | "IssueDetail": "Software Version revealed",
50 | "RemediationDetail": "",
51 | "IssueBackground": "",
52 | "RemediationBackground": "",
53 | "Header": [],
54 | "VariationAttributes": [],
55 | "InsertionPointType": [],
56 | "Scanas": false,
57 | "Scantype": 0,
58 | "pathDiscovery": false
59 | }
60 | ]
--------------------------------------------------------------------------------
/profiles/XSS - Akamai GHost bypass.bb:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ProfileName": "XSS - Akamai GHost bypass",
4 | "Name": "",
5 | "Enabled": true,
6 | "Scanner": 1,
7 | "Author": "@egarme",
8 | "Payloads": [
9 | "true,\u003cdETAILS%0aopen%0aonToGgle%0a\u003d%0aa\u003dprompt,a()x\u003e"
10 | ],
11 | "Encoder": [],
12 | "UrlEncode": false,
13 | "CharsToUrlEncode": "",
14 | "Grep": [
15 | "true,,\u003cdETAILS"
16 | ],
17 | "Tags": [
18 | "All"
19 | ],
20 | "PayloadResponse": false,
21 | "NotResponse": false,
22 | "TimeOut1": "",
23 | "TimeOut2": "",
24 | "isTime": false,
25 | "contentLength": "",
26 | "iscontentLength": false,
27 | "CaseSensitive": false,
28 | "ExcludeHTTP": true,
29 | "OnlyHTTP": false,
30 | "IsContentType": false,
31 | "ContentType": "text/plain",
32 | "HttpResponseCode": "",
33 | "NegativeCT": false,
34 | "IsResponseCode": false,
35 | "ResponseCode": "",
36 | "NegativeRC": false,
37 | "urlextension": "",
38 | "isurlextension": false,
39 | "NegativeUrlExtension": false,
40 | "MatchType": 1,
41 | "Scope": 0,
42 | "RedirType": 4,
43 | "MaxRedir": 0,
44 | "payloadPosition": 1,
45 | "payloadsFile": "",
46 | "grepsFile": "",
47 | "IssueName": "XSS - Akamai GHost bypass",
48 | "IssueSeverity": "Medium",
49 | "IssueConfidence": "Certain",
50 | "IssueDetail": "",
51 | "RemediationDetail": "",
52 | "IssueBackground": "",
53 | "RemediationBackground": "",
54 | "Header": [],
55 | "VariationAttributes": [],
56 | "InsertionPointType": [
57 | 18,
58 | 65,
59 | 32,
60 | 36,
61 | 7,
62 | 1,
63 | 2,
64 | 6,
65 | 33,
66 | 5,
67 | 35,
68 | 34,
69 | 64,
70 | 0,
71 | 3,
72 | 4,
73 | 37,
74 | 127,
75 | 65,
76 | 32,
77 | 36,
78 | 7,
79 | 1,
80 | 2,
81 | 6,
82 | 33,
83 | 5,
84 | 35,
85 | 34,
86 | 64,
87 | 0,
88 | 3,
89 | 4,
90 | 37,
91 | 127
92 | ],
93 | "Scanas": false,
94 | "Scantype": 0,
95 | "pathDiscovery": false
96 | }
97 | ]
--------------------------------------------------------------------------------
/Changelog_3.0.4beta.md:
--------------------------------------------------------------------------------
1 | # Improvements in Burp Bounty 3.0.4beta:
2 |
3 | ### "Path discovery" feature adds new insertion points
4 |
5 | New insertion points are added to requests (to discover hidden files and directories) when you check the "Path Discovery" option in the "Payload Options" section. For example, in the request:
6 |
7 | GET /dir1/dir2/file.php?param=value HTTP/1.1
8 |
9 | This generates three new insertion points:
10 |
11 | 1- GET {HERE} HTTP/1.1