Professional

Software Vulnerability Scanner

This extension identifies vulnerable software versions and potentially exploitable paths by leveraging the Vulners.com vulnerability database. It automatically scans HTTP responses to detect software fingerprints and checks detected versions against known vulnerabilities, providing comprehensive security insights including CVEs, advisories, and available exploits.

Features

  • Detects software versions through fingerprint analysis of HTTP responses
  • Cross-references detected software versions with the Vulners.com vulnerability database
  • Identifies potentially vulnerable URL paths that appear in known exploits
  • Displays detailed vulnerability information including CVE identifiers, security advisories, and applicable exploits
  • Provides tabbed interface for organizing results by software, vulnerabilities, and paths
  • Offers configurable scanning rules and API key management

Usage

  1. Configure your Vulners.com API key in the extension settings (premium accounts provide enhanced functionality)
  2. The extension automatically scans HTTP responses as you browse or perform active scans
  3. Review detected software versions in the Software tab
  4. Examine identified vulnerabilities and their details in the Vulnerabilities tab
  5. Check the Paths tab for URLs that may be vulnerable based on exploit databases
  6. Click on any vulnerability entry to view detailed information including CVE details, severity ratings, and available exploits
  7. Use the results to prioritize security testing and remediation efforts

Author

Author

Vulners.com

Version

Version

1.4.1

Rating

Rating

Popularity

Popularity

Last updated

Last updated

08 August 2025

Estimated system impact

Estimated system impact

Overall impact: Low

Memory
Low
CPU
Low
General
Low
Scanner
Low

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.

Go back to BappStore

Note:

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.