Burp plugins I have used

BurpShiroPassiveScan-1.7.7

https://github.com/pmiaowu/BurpShiroPassiveScan/releases/tag/BurpShiroPassiveScan-1.7.7


Basic usage: start a Shiro service.


J2EEScan

https://github.com/ilmila/J2EEScan/archive/refs/tags/v2.0.0.zip

Open the project in IDEA.


cd spring/CVE-2018-1273
docker-compose up -d
docker ps


Capture the traffic.


WooYun-Payload

https://github.com/boy-hack/wooyun-payload/releases


Struts2-RCE

https://github.com/prakharathreya/Struts2-RCE

cd vulhub-master/struts2/s2-001
docker-compose up -d
docker ps


Fastjson-Scanner

https://github.com/zilong3033/fastjsonScan


cd /vulhub-master/fastjson/1.2.24-rce
docker-compose up -d
docker ps


Autorize


First, log in as the low-privilege user.


Grab the low-privilege user's cookie.


Turn on the authentication switch.


Log in as admin; do not log out the low-privilege user in the meantime.


As admin, click through everything once.


Turbo Intruder


Software Vulnerability Scanner


Logger++: a more powerful request history viewer


The Burp logging plugin Logger++, from principles to practice (J0hnson666's blog, CSDN)

Brida: connects Frida with Burp Suite

Didn't understand it.

sqlmap4burp++: connects Burp Suite with sqlmap

https://github.com/c0ny1/sqlmap4burp-plus-plus/releases/tag/0.2


Knife: toolbox, custom payloads

https://github.com/bit4woo/knife/releases (so-so)

CSRF Token Tracker: brute forcing past the CSRF restriction


Set the security level to high.


First attempt


Second attempt


You can see that every replay now returns 200.


HAE


domain hunter

https://github.com/bit4woo/domain_hunter_pro/releases/tag/v1.7


CaA

https://github.com/gh0stkey/CaA/releases


JWT4B


APIKit

https://github.com/API-Security/APIKit/releases/tag/release

.\xray.exe webscan --listen 127.0.0.1:7777 --html-output ./results/proxy.html


Passive Scan Client

https://github.com/c0ny1/passive-scan-client/releases/tag/0.3.0


reflector

https://github.com/elkokc/reflector/releases/tag/2.1

https://zhuanlan.zhihu.com/p/384779063

https://www.secpulse.com/archives/124527.html

JSONP / CORS cross-origin

https://github.com/p1g3/JSONP-Hunter

https://github.com/p1g3/CORS-SCAN

Hackvertor


Collaborator Everywhere


HTTP Request Smuggler
