New web cache poisoning scan checks
Find cutting-edge vulnerabilities with Burp Scanner.

Burp Suite Professional can now update itself automatically - without user intervention.

API scanning
Enumerate API endpoints to scan APIs in target applications. API scanning utilizes OpenAPI (Swagger) definitions.

Perform software composition analysis (SCA) of client-visible code. Report JavaScript libraries in use that contain known vulnerabilities.

DOM testing tools
Add-ons to Burp Suite Professional's embedded browser have enhanced manual testing for DOM-based vulnerabilities.

More options for brute forcing and fuzzing. New payload types and placement options, richer results analysis, and incremental saving.

Audit of asynchronous traffic
Burp Scanner now automatically audits in-scope API requests that are issued from client-side JavaScript using XHR and Fetch.

New API
Burp's Montoya API is a completely new extensibility framework, which will lead to much richer capabilities in the future.

JWT scan checks
Burp Scanner now checks for a number of security vulnerabilities relating to JSON Web Tokens (JWT).

Collaborator client
Collaborator client now has its own top-level tab, uses a tabbed interface, and saves its interactions in project files, among other improvements.

Use Burp on an ARM64 machine running Linux. Particularly useful if you're a tester running Kali Linux on an ARM64 virtual machine.

GraphQL scan checks
Burp Scanner can check for security vulnerabilities in APIs that use the GraphQL language. This broadens the range of APIs you are able to test automatically.

Burp Organizer
A new tool within Burp Suite that makes it easier to manage your pentesting workflow. Store messages to investigate later, or save messages you've already identified as interesting / want to add to a report.

Extend Burp Scanner quickly and easily - using BChecks written in a simple text-based language. Now you can use Burp Scanner to scan for anything you want to look for.