Extends Burp with a user-defined list of payloads that are pattern matched against HTTP responses, highlighting interesting and potentially vulnerable areas.
Can be used to search HTML source code for interesting keywords, developer comments, passwords, admin panel links, hidden form fields, and more.
When the extension is loaded you will see a Response Pattern Matcher tab. It ships with a default set of payloads that are pattern matched against every response that passes through Burp, including responses generated by tools such as the Scanner.
Configure these payloads to suit the target: the defaults are quite generic, so for an assessment you will usually want to add project-specific keywords and regular expressions.
The "is regex" checkbox indicates whether the pattern is treated as a regular expression (matched using Java's Pattern/Matcher classes) rather than as a literal string.
The "active" checkbox indicates whether the payload is searched for in each response. Uncheck it to disable the payload without removing it from the list.
Use the "In Scope Only" checkbox to search only responses that are in scope as defined under Target > Scope.
For best results, define your scope, configure your payloads, and then start testing. Responses produced by Burp's Scanner are pushed through the Response Pattern Matcher too, so the tool searches the full site map.
Note that /* cannot be set to be a regex: as a regular expression it means "zero or more slashes", which matches the empty string at every position of every response, and this will most likely crash Burp.
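The matching rules described above (literal versus regex payloads, the "active" flag, "In Scope Only", and why /* as a regex is dangerous), as an added Python example that is not the extension's own code. The real extension is a Java Burp extension that matches with java.util.regex; the Payload and Hit classes, the host-based scope list standing in for Target > Scope, the sample responses and the DEFAULT_PAYLOADS list here are all constructed for illustration and are not the extension's built-in payloads. The behaviour of /* matching the empty string at every offset is the same in Python's re and in Java's Pattern.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample responses (host, body), standing in for traffic seen by Burp.
SAMPLE_RESPONSES = [
    ("app.example.com",
     "<html><!-- TODO: remove debug admin link --><a href='/admin'>x</a>"
     "<input type='hidden' name='isAdmin' value='false'></html>"),
    ("cdn.thirdparty.net",
     "<html>password=hunter2<!-- old password reset flow --></html>"),
    ("app.example.com",
     "<html><body>nothing interesting here</body></html>"),
]


@dataclass
class Payload:
    """One row of the payload table: the pattern plus its two checkboxes."""
    pattern: str
    is_regex: bool = False   # "is regex": treat pattern as a regex, else as a literal
    active: bool = True      # "active": uncheck to disable the payload


@dataclass
class Hit:
    host: str
    payload: str
    matched: str   # the exact text that matched
    offset: int    # character offset into the response body


# Generic defaults in the spirit of the extension's built-ins (assumed, not copied).
DEFAULT_PAYLOADS = [
    Payload("password"),
    Payload("/admin"),
    Payload(r"<!--.*?-->", is_regex=True),             # developer comments
    Payload(r"type=['\"]hidden['\"]", is_regex=True),   # hidden form fields
    Payload("TODO", active=False),                      # disabled: never searched
]


def compile_payload(p: Payload) -> "re.Pattern[str]":
    # Literal payloads are escaped, so "/*" with "is regex" unchecked searches for the two characters "/*".
    return re.compile(p.pattern if p.is_regex else re.escape(p.pattern))


def matches_empty_string(p: Payload) -> bool:
    """True if the pattern can match zero characters and would therefore fire at every
    offset of every response (the "/*" caveat: it means zero or more slashes)."""
    return compile_payload(p).search("") is not None


def match_count(p: Payload, body: str) -> int:
    """Number of times a payload fires in one body; len(body)+1 for an empty-matching regex."""
    return sum(1 for _ in compile_payload(p).finditer(body))


def scan(responses, payloads: List[Payload], scope: Optional[List[str]] = None,
         in_scope_only: bool = False) -> List[Hit]:
    """Emulate the extension: run every active payload over every response, honouring
    "In Scope Only" (scope is a list of hosts standing in for Target > Scope).
    Payloads that match the empty string are skipped instead of being run."""
    hits: List[Hit] = []
    usable = [p for p in payloads if p.active and not matches_empty_string(p)]
    for host, body in responses:
        if in_scope_only and host not in (scope or []):
            continue
        for p in usable:
            for m in compile_payload(p).finditer(body):
                hits.append(Hit(host, p.pattern, m.group(0), m.start()))
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_RESPONSES, DEFAULT_PAYLOADS,
                  scope=["app.example.com"], in_scope_only=True):
        print(f"{h.host} @{h.offset} [{h.payload}] -> {h.matched!r}")
    bad = Payload("/*", is_regex=True)
    print("/* as regex matches the empty string:", matches_empty_string(bad),
          "- hits on the third sample body:", match_count(bad, SAMPLE_RESPONSES[2][1]))
```

The check in matches_empty_string is the one worth applying to any regex before adding it to the payload table: if the equivalent Java test, Pattern.compile(p).matcher("").find(), succeeds, the payload fires at every offset of every response rather than at interesting places.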
21 February 2020
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
You can view the source code for this BApp by visiting our GitHub page.
Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.