{"id":13635989,"url":"https://github.com/albinowax/ActiveScanPlusPlus","last_synced_at":"2025-04-19T04:31:50.856Z","repository":{"id":55866744,"uuid":"21121677","full_name":"albinowax/ActiveScanPlusPlus","owner":"albinowax","description":"ActiveScan++ Burp Suite Plugin","archived":false,"fork":false,"pushed_at":"2025-04-11T13:11:28.000Z","size":1853,"stargazers_count":627,"open_issues_count":4,"forks_count":195,"subscribers_count":48,"default_branch":"master","last_synced_at":"2025-04-11T14:44:42.280Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://twitter.com/albinowax","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/albinowax.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2014-06-23T10:04:13.000Z","updated_at":"2025-04-11T13:11:33.000Z","dependencies_parsed_at":"2024-12-10T16:29:00.903Z","dependency_job_id":"5520bc6e-54c0-48c7-8291-01ea96950d55","html_url":"https://github.com/albinowax/ActiveScanPlusPlus","commit_stats":{"total_commits":67,"total_committers":9,"mean_commits":7.444444444444445,"dds":0.4477611940298507,"last_synced_commit":"dd6a9263637a716529423ca2e92949ae0bd98388"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/albinowax%2FActiveScanPlusPlus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/albinowax%2FActiveScanPlusPlus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/albinowax%2FActiveScanPlusPlus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/albinowax%2FActiveScanPlusPlus/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/albinowax","download_url":"https://codeload.github.com/albinowax/ActiveScanPlusPlus/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249606380,"owners_count":21298851,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T00:00:55.049Z","updated_at":"2025-04-19T04:31:50.849Z","avatar_url":"https://github.com/albinowax.png","language":"Java","funding_links":[],"categories":["Scanners","Java"],"sub_categories":[],"readme":"ActiveScan++\n==================\n\nActiveScan++ extends Burp Suite's active and passive scanning capabilities. Designed to add minimal network overhead, it identifies application behaviour that may be of interest to advanced testers:\n\n - Potential host header attacks (password reset poisoning, cache poisoning, DNS rebinding)\n - Edge Side Includes\n - XML input handling\n - Suspicious input transformation (eg 7*7 =\u003e '49', \\\\\\\\ =\u003e '\\\\' )\n - Passive-scanner issues that only occur during fuzzing (install the 'Error Message Checks' extension for maximum effectiveness)\n\nIt also adds checks for the following issues:\n\n - Blind code injection via expression language, Ruby's open() and Perl's open()\n - CVE-2014-6271/CVE-2014-6278 'shellshock' and CVE-2015-2080, CVE-2017-5638, CVE-2017-12629, CVE-2018-11776, etc\n \n#### Requirements:\nBurp Suite Professional or Enterprise (latest stable version)\n\n#### Manual installation:\n\n1. 'Extensions'-\u003e'Installed'-\u003e'Add\n2. Click 'Select file'\n3. Choose build/libs/active-scan-plus-plus-all.jar\n\n#### Usage notes:\nTo invoke these checks, just run a normal active scan.\n \n#### Changelog:\n**2.0.3 20250123**\n- Unicode processing issues (refer to [Bypassing character blocklists with unicode overflows](https://portswigger.net/research/bypassing-character-blocklists-with-unicode-overflows))\n\n**2.0.1 20241210**\n- Resolve some long-standing false positives\n\n**2.0.0 20241202**\n- Rewrite in Java!\n\n**1.0.24 20230801**\n- Devise (no CVE, refer to [Smashing the State Machine](https://portswigger.net/research/smashing-the-state-machine))\n\n**1.0.23 20211210**\n - Log4Shell (CVE-2021-44228)\n \n**1.0.22 20210325**\n - Detect interesting OAuth endpoints. \n - For further details, please refer to [Hidden OAuth Attack Vectors](https://portswigger.net/research/hidden-oauth-attack-vectors)\n \n**1.0.21 20190322**\n - Detect Rails file disclosure (CVE-2019-5418)\n\n**1.0.20 20180903**\n - Detect new Struts RCE (CVE-2018-11776)\n\n**1.0.19 20180815**\n - Detect Razor template injection with @(7*7)\n\n**1.0.18 20180804**\n - Try converting requests to XML for XXE\n - Detect CVE-2017-12611, CVE-2017-9805\n - Improve robustness\n\n**1.0.17 20180411**\n - Detect interesting files: /.git/config and /server-status\n - This can be easily extended with your own checks\n\n**1.0.16 20180404**\n - Detect Edge Side Includes\n\n**1.0.15 20171026**\n - Detect RCE via Solr/Lucene injection using XXE - [CVE-2017-12629](https://mail-archives.apache.org/mod_mbox/lucene-dev/201710.mbox/%3CCAJEmKoC%2BeQdP-E6BKBVDaR_43fRs1A-hOLO3JYuemmUcr1R%2BTA%40mail.gmail.com%3E)\n\n**1.0.14 20170309**\n - Detect the latest Struts2 RCE - CVE-2017-5638 / S2-045\n\n**1.0.13 20160411**\n - Detect shell command injection via Perl open() calls\n - Fix bug that reduced efficiency by creating useless insertion points\n - Sadly remove the 'NullPointerException' feature\n - Fix bug that caused passive scanner issues to appear on HTTP instead of HTTPS\n - Reduce time-delay based check false positives\n \n**1.0.12 - 20151118**\n - Trigger a fresh passive scan when an alternative code path is identified (combines well with the 'Error Message Checks' extension)\n \n**1.0.11 - 20150327**\n - Detect misc code injection via suspicious input transformation (eg \\x41-\u003eA)\n - Report when applications appear to handle XML input\n - Set Connection: close on outgoing requests for speed\n \n**1.0.10 - 20150327**\n - Add test for ruby open() exploit - see http://sakurity.com/blog/2015/02/28/openuri.html\n - Assorted minor tweaks and fixes\n \n**1.0.9 - 20150225**\n - Add tentative test for CVE-2015-2080\n - Remove dynamic code injection and RPO checks - these are now implemented in core Burp\n - Provide a useful error message when someone foolishly tries using Jython 2.7 beta\n \n**1.0.8 - 20141001**\n - Add tentative test for CVE-2014-6278\n \n**1.0.7 - 20140926**\n - Tweak test for CVE-2014-6271 for better coverage\n \n**1.0.6 - 20140925**\n - Add a test for CVE-2014-6271\n\n**1.0.5 - 20140708**\n - Add compatibility for Jython 2.5 (stable)\n - Improve cache poisoning detection\n - Add a cachebust parameter to prevent accidental cache poisoning\n - Misc. bugfixes\n \n**1.0.4 - 20140616**\n - Prevent RPO false positives by checking page's DOCTYPE\n - Reduce host header poisoning false negatives\n \n**1.0.3 - 20140523**\n - Prevent duplicate issues when saving/restoring state\n - Refactor: the passive scanner is now almost extensible\n - Improve expression language injection detection\n - Improve RPO regex\n \n**1.0.2 - 20140424**\n - Thread safety related bugfixes\n \n**1.0.1 - 20140422**\n - Minor bugfixes\n \n**1.0:**\n - Release\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falbinowax%2FActiveScanPlusPlus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falbinowax%2FActiveScanPlusPlus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falbinowax%2FActiveScanPlusPlus/lists"}