Manual Scan Issues
This extension allows users to manually create custom issues within the Burp Scanner results.
Burp does a great job of finding issues, but it can't find everything. There are some tasks that must be completed by a user. With this extension, you can add an issue with all of the same properties as a native Burp issue. There are three tabs available:
- The "General" tab contains all of the basic information about the issue: the issue name, detail, background, remediation background, remediation detail, url, port, confidence, severity, and protocol.
- The "HTTP Request" tab contains an editor that houses the HTTP request of the custom issue.
- The "HTTP Response" tab contains an editor that houses the HTTP response of the custom issue.
- Select the target that requires a custom issue.
- In the Contents or Issues section of the selected target, right click to show the context menu.
- From the context menu select "Add Issue".
- Enter custom data into the relevant fields. The extension will auto-fill the "URL" and "Port" data fields with the selected target's url and port.
- Once all of the data has been entered, click the "Import Finding" button.
- A custom issue has been added to your target.
|Author||Joshua Smith & Benjamin Wireman, Dynetics|
|Last updated||23 May 2017|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.