Broken Link Hijacking
Discover broken links
Features
- Supports various HTML elements/attributes with regex based on scrapeHtml.js
- Concurrently checks multiple links using defined threads.
- Customizing [STATUS_CODES|PATH-PATTERN|MIME-TYPE]
Usage
By default it passively scans the responses with Target "Scope in" . Make sure to add the targets into the scope. (Reason: To Avoid Noise)
WHITELIST_CODES - You can add status_code's to this list for more accurate results.
ex: avoiding https redirects by adding 301, if the path,url redirects to https.
WHITELIST_PATTERN - Regex extracting pattern based on given patterns.
- ex: /admin.php
- //google.com/test.jpg
- ../../img.src
- WHITELIST_MEMES - Whitelisting MimeType to be processed for scanning patterns in responses if their Mime-Type matches.
ex: Mainly used to avoid performing regexes in gif,img,jpg,swf etc
no_of_threads - Increase no of threads , default : 15
| Author | Arbazz Hussain |
|---|---|
| Version | 1.0 |
| Rating | |
| Popularity | |
| Last updated | 23 July 2019 |
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
| You can view the source code for this BApp by visiting our GitHub page. | |
| Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates. |
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.