Closed brumensywh closed 1 year ago
That's great!
Thanks to you for the great collection of BCheck scripts. It has been a pleasure; I will likely share more in the future!
/Brumens
@brumensywh As a contributor to our GitHub repository, we would like to invite you to our closed Discord community.
It is a place where passionate Burp users, including people who directly work on building and developing Burp here at PortSwigger, can talk about the tooling and web security in general.
If you would like to join, please email us at support@portswigger.net and we will send over an invite link.
Thank you!
BCheck Script Description
Note: Update from my latest PR: "x5 BCheck scripts"
Line 21 has been added to check if a firewall is used by the host.
For each new host detected, a dummy GET parameter is added to the URL with an included payload that tries to bypass the firewall the target is using (by default, only XSS payloads are given).
Protection mechanism failure - CWE-693
Submission Guidelines
Link to the primary research