Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/attackercan/burp-xss-sql-plugin
Last synced: 2 months ago
- Host: GitHub
- URL: https://github.com/attackercan/burp-xss-sql-plugin
- Owner: attackercan
- Created: 2016-08-17T14:05:24.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2016-09-28T21:46:18.000Z (over 8 years ago)
- Last Synced: 2024-08-02T00:23:02.554Z (6 months ago)
- Language: Python
- Size: 3.91 KB
- Stars: 45
- Watchers: 10
- Forks: 12
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-burp-extensions - burp-xss-sql-plugin - Publishing plugin which I used for years which helped me to find several bugbounty-worthy XSSes, OpenRedirects and SQLi. (Vulnerability Specific Extensions / SQL/NoSQL Injection)
README
# burp-xss-sql-plugin
Publishing a plugin which I used for years and which helped me to find several bugbounty-worthy XSSes, Open Redirects and SQLi.
__HTML Inj__: Special symbols are checked one by one to see whether they appear in the output. Detects WAF, base64 encoding, location, content-type, etc.
__SQL Inj__: All parameters are transferred through the SQLMap API to the host, which is used for asynchronous scanning.
__Tip__: Change Burp's Active Scan scope so it will automatically append new HTTP requests into the queue, e.g.:
```
Host: bugbounty.com
File:
```
The README's helper script polls the SQLMap API for each queued task id and reports the ones that returned data. The loop header and the `$tasks` array are reconstructed (assumed) where the original text was garbled:
```
<?php
// $tasks maps each SQLMap task id to the request it was created for;
// the foreach header is an assumption, reconstructed from the garbled README.
foreach ($tasks as $id => $task) {
    // Ask the local SQLMap API (default port 8775) for the task's findings.
    $task_data = json_decode(file_get_contents("http://0.0.0.0:8775/scan/" . $id . "/data"), true);
    if (count($task_data['data']) > 0) {
        echo "[" . $id . "] SQL Inj!\n";
    }
    // else echo "[" . $id . "] None...\n";
}
?>
```