Response Pattern Matcher

Description

Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulnerable areas. Can be used to search HTML source code for interesting keywords, developer comments, passwords, admin panel links, hidden form fields, and more.

Usage

1. When the extension is loaded in you will see a Response Pattern Matcher tab, by default pre-existing payloads exist that will be pattern matched against every response that goes through Burp. This includes tools such as the Scanner.
2. Configure these payloads accordingly, these are quite generic so for an assessment you may want to add project specific keywords and regular expressions.
3. The "is regex" check box indicates whether to search the responses for the provided Pattern using Java's Pattern Matcher functionality
4. The "active" check box indicates whether the payload will be searched for in each response. Uncheck this to disable the payload.
5. Use the "In Scope Only" checkbox to search only within responses that are in Scope defined under Target > Scope.

Tips

1. If you want to test the matches against a request or response again you can send the corresponding request to repeater from the HTTP history.
2. For best results, define your scope, configure your payloads, and then start testing. Burp's Scanner will kick in and push everything through the Response Pattern Matcher too so the tool searches the full sitemap. In the Matches tab you can highlight identical matches, as well as delete repeated occurrences, or and export them to a .json file.

Note /* cannot be set to be regex, this will most likely crash burp as it matches on everything.