Pentagrid Scan Controller

Pentagrid Scan Controller enhances automated and semi-automated active scanning by intelligently filtering and preprocessing requests. It aims to reduce unnecessary scans, such as those targeting static files or non-repeatable requests, by assessing repeatability and injecting Hackvertor tags when needed. The extension provides transparency for each decision, allowing users to adjust behaviors as necessary.

Features

• Identifies and filters out non-repeatable or irrelevant requests from active scanning.
• Attempts to make non-repeatable requests repeatable using Hackvertor tags.
• Displays detailed reasons for scanning decisions, enabling user review and customization.
• Improves performance by minimizing redundant or ineffective scan traffic.

Usage

1. Add the target website to the scope.
2. Enable Proxy requests under Scan -> Options -> Requests to process.
3. Browse the application using Burp's built-in browser to generate traffic.
4. Open the extension's tab to view which requests have been actively scanned.
5. Review requests with a high "Interesting" rating that haven't been scanned (indicated by Scanned: false).
6. Sort by the "Reason" column to understand why certain requests were or were not scanned.
7. Check the Dashboard for active scan findings.

Note: This extension requires the Hackvertor extension to be installed and active.