trustbad.blogg.se

27 Maj 2023 - 05:40
Burp bounty pro
Allmänt
Burp bounty pro










burp bounty pro burp bounty pro

In this section you can specify the issue that will be show if the condition match with the options specified. In Max Redirections you can set the maximum redirects you want follow.

  • Always: You always follow the redirects.
  • In-Scope Only: You only follow if the domain is in the scope.
  • On-site Only: You only follow if the domain is the same of the previus request.
  • Response Code (or negative match): you can specify one or multiple (separated by coma) HTTP response code to find string, regex or payload.
  • Content type (or negative match): you can specify one or multiple (separated by comma) content type to search the string, regex or payload.
  • Only in HTTP Headers: Only match if it's in HTTP headers.
  • Exclude HTTP Headers: Only match if it's in the body request.
  • Case sensitive: Only match if case sensitive.
  • Negative match: if you want find if string, regex or payload is not present in response.
  • For each payload response, each string, regex or payload (depending of you choose) will be searched with the specific Grep Options.
    • If you get the invariations that you have marked in the attributes, you will get an issue.
  • Invariations: if you find invariations between the base response and the payloads responses.
    • If you get the variations that you have marked in the attributes, you will get an issue.
  • Variations: if you find variations between the base response and the payloads responses.
    • You get an issue if the request content length differs your specified bytes.
  • Content Length difference: This option compare the content-length of the original request, with the content-length of the payload requests.
  • Timeout equal or more than: You get an issue if the request delay your specified seconds or more.
  • Payload without encode: if you encode the payload, and you want find for original payload, you should choose this.
  • Simple String: search for a simple string or strings.

    • burp bounty pro

    If you choose " URL-Encode these characters" option, you can put all characters that you want encode with URL. For example, if you want encode the string alert(1), many times (in descendent order):

    burp bounty pro

    For interact with Burp Collaborator you can put " will be replace by your payloads.

  • Burp Collaborator: Now, Burp Collaborator thread will start automatically.
  • Profiles Directory: Choose the profiles directory path.
  • Profiles reload: Reload the profiles directory, for example, when you add new external profile to directory.












    • Burp bounty pro
    0 kommentar(er)
    Om Mig: