https://github.com/0ang3el/unsafe-jax-rs-burp

Burp Suite extension for JAX-RS
https://github.com/0ang3el/unsafe-jax-rs-burp

Last synced: 28 days ago
JSON representation

Burp Suite extension for JAX-RS

• Host: GitHub
• URL: https://github.com/0ang3el/unsafe-jax-rs-burp
• Owner: 0ang3el
• License: apache-2.0
• Created: 2017-03-11T20:38:27.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2017-03-17T17:55:11.000Z (about 7 years ago)
• Last Synced: 2024-02-09T20:49:11.895Z (4 months ago)
• Language: Python
• Size: 21.5 KB
• Stars: 65
• Watchers: 3
• Forks: 19
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Lists

• awesome-burp-suite - **36**星 - RS (<a id="5b761419863bc686be12c76451f49532"></a>新添加 / <a id="285c52a4e04dd2f86646c8e1235c9332"></a>工具)
• awesome-burp-suite - **36**星 - RS (<a id="5b761419863bc686be12c76451f49532"></a>新添加 / <a id="285c52a4e04dd2f86646c8e1235c9332"></a>工具)

README

        
Unsafe JAX-RS extension for Burp Suite

======================================

Unsafe JAX-RS is an active scanner extension for Burp Suite to check JAX-RS application for common security flaws. Currently following checks are implemented:

* Entity provider selection scan 

* WADL scan

* CSRF scan

* JSONP scan

* Async jobs scan

* DoS via GZIP bombing scan

* Content negotiation scan

* Exception mapping scan

	

Extension can identify following issues:

* CVE-2016-6346

* CVE-2016-8739

* CVE-2016-7050

* CVE-2016-6345

* CVE-2016-9571

* CVE-2016-6347

* CVE-2016-3720