- Linux OS
- Ensure that Chrome/Chromium installed in a standard location
- Obtain the appropriate chromedriver for your OS and version of Chrome (see: http://chromedriver.chromium.org/downloads/version-selection). Note the file location.
Adds passive checks to the Burp scanner. The following is a list of items it will look for:
- Cross-Domain Script Includes (DOM)
- CORS Headers Do Not Require Subresource Integrity
- Subresource Integrity Failed Validation
- Cross-Domain Script Includes where DNS Resolution Fails
It does this by looking at the HTML received and loads the DOM via a headless Chromium instance using Selenium.
- The path to the chromedriver binary you want to use. This defaults to the bundled version appropriate for your operating system. Setting a chromedriver here will override the default.
It is possible to load indicators of compromise (IOCs) as JSON files through the GUI tab. Examples are provided in the intel folder.
|Last updated||10 September 2019|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.