Kang Asu

This blog talks about Computer, Security, Information technology, SEO, Video, etc. Now you can find all free things, Information Technology and Tips and Trick in this blog. JOIN ME KANG ASU

Breaking

Monday 25 November 2019

Home / Machine / Software Hacker / Asset Discover

Asset Discover

by on in ,
Kang Asu
Asset Discover - Burp Suite Extension To Discover Assets From HTTP Response


Burp Suite extension to discover assets from HTTP response using passive scanning. Refer our blog Asset Discovery using Burp Suite for more details.
The extension is now part of the BApp store and can be installed directly from the Burp Suite. https://portswigger.net/bappstore/d927f0065171485981d6eb49a860fc3e

Description
Passively parses HTTP response of the URLs in scope and identifies different type assets such as domain, subdomain, IP, S3 bucket etc. and lists them as informational issues.

Setup
  • Setup the python environment by providing the jython.jar file in the 'Options' tab under 'Extender' in Burp Suite.
  • Download the extension.
  • In the 'Extensions' tab under 'Extender', select 'Add'.
  • Change the extension type to 'Python'.
  • Provide the path of the file ‘Asset_Discover.py’ and click on 'Next'.



Usage
  • Add a URL to the 'Scope' under the 'Target' tab. The extension will start identifying assets through passive scan.



Requirements

Code Credits
A large portion of the base code has been taken from the following sources:


Regards
Kang Asu
Author Image

About Kang Asu
Saya sangat menyukai dunia Kedokteran dan Teknologi.

Related Posts:
By at
Labels: ,

No comments:

Post a Comment

# Silahkan berkomentar, bertanya dan kritik dengan sopan
# Disini anda boleh menyisipkan Link di kolom komentar
# Tetapi akan saya moderasi atau Review terlebih dahulu tiap komentar
# Jangan sampai komentar anda mengandung SPAM.

# Terima Kasih - Regards Muhammad Sobri Maulana

Subscribe to: Post Comments (Atom)