Additional Scanner Checks
This extension provides some additional passive Scanner checks:
- DOM-based XSS (regular expressions are based on those from https://code.google.com/p/domxsswiki/wiki/FindingDOMXSS)
- Missing HTTP headers:
  - X-Content-Type-Options: nosniff
- Multiple occurrences of the checked headers
- Redirection from HTTP to HTTPS
All checks can be enabled separately in an extension tab and a default config can be stored.
Last updated: 21 December 2018
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
You can view the source code for this BApp by visiting our GitHub page.
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.