search

infodel / burp.extension-googlehack

Burp Suite Extension providing Google Hacking Interface
GNU General Public License v2.0
16 stars 14 forks source link

Hi there! #2

Open SourcingDenis opened 6 years ago

SourcingDenis commented 6 years ago

Hello @infodel! Could you please kindly explain me how should I use one and what is this extension for.. burp or chrome? Thanks so much for your time and sorry for bothering you 🤓

infodel commented 6 years ago

Hey there. This extension was setup to take google results and import them directly into Burps Target window. This is useful for identifying access points and pages for testing that might not be discovered during normal app functionality. When it was initially setup i had all calls to goggle made without the use of an API key. I am not sure if this will still work, but i believe it should. An example of how this would be used in testing would be on a domain that has multiple landing pages or content and google has them cataloged. During manual testing you might do a site: search on google and look for any missing endpoints. This script performes that request and then adds all results that are defined to the scope of burp.

Hope that helps. Let me know if you have any additional questions.

James