You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Apr 4, 2024. It is now read-only.
Interesting Files Scanner extends Burp Suite's active scanner, with scans for interesting files and directories.
A main feature of the extension is the check for false positives with tested patterns for each case. Furthermore,
a Burp Suite tab is present to select/unselect the checks, to avoid network overload.
For example the following file checks are implemented:
Interesting Files such as .git/config
SSH private keys
Various .key files
Common PHP files and the corresponding backup files
Burp Suite -> Extender -> Add -> Extension type: Python -> Extension file: "downloaded interestingFileScanner.py" -> Next
Go to "Interesting Files Scanner" tab in Burp Suite and configure the extension for your needs
Configuration
You can configure the scans Interesting Files Scanner will perform, select the Interesting File Scanner
tab in Burp Suite and select the file checks that may apply to your scenario. Per default all checks are selected.
Furthermore, you can choose if you want Interesting Files Scanner to scan all subdirectories discovered
on the target domain. Therefore, unselect the checkbox 'Scan once per domain', which is selected by
default.
Requirements
This extension requires Burp Suite Professional and Jython 2.5 or later standalone. (https://www.jython.org)
Contributes to
The project was inspired by the following projects:
Please feel free to contact, if you miss any interesting file checks or discover any bugs.
Only file checks with sufficient patterns, to avoid false positives, can be implemented.
