- Runs with every possible permutation for query-based payloads.
..;will result in testing the following:
https://www.example.com..;/api/v1/users https://www.example.com/api..;/v1/users https://www.example.com/api/v1..;/users https://www.example.com/..;api/v1/users https://www.example.com/api/..;v1/users https://www.example.com/api/v1/..;users https://www.example.com/api/v1/users/..; https://www.example.com/api/v1/users/..;/
- Header payloads are added to the original request. In case the header already exists in the original request its value is replaced.
- If you want auto detection use this version.
- Supports manual activation through context menu.
- Payloads are supplied by the user under dedicated tab, default values are stored under
- Issues are added under the Issue Activity tab.
|Last updated||26 January 2022|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.