Home

Awesome

ActiveScan++

ActiveScan++ extends Burp Suite's active and passive scanning capabilities. Designed to add minimal network overhead, it identifies application behaviour that may be of interest to advanced testers:

It also adds checks for the following issues:

Requirements:

Burp Suite Professional (version 1.6 or later) Jython 2.5 or later standalone: http://www.jython.org/downloads.html

Manual installation:

  1. 'Extender'->'Options'
  2. Click 'Select file' under 'Python environment'
  3. Choose jython-standalone-2.5.jar
  4. 'Extender'->'Extensions'
  5. Click 'Add'
  6. Change 'Extension Type' to Python
  7. Choose activeScan++.py
  8. Done!

Usage notes:

To invoke these checks, just run a normal active scan.

The host header checks tamper with the host header, which may result in requests being routed to different applications on the same host. Exercise caution when running this scanner against applications in a shared hosting environment.

Changelog:

1.0.21 20190322

1.0.20 20180903

1.0.19 20180815

1.0.18 20180804

1.0.17 20180411

1.0.16 20180404

1.0.15 20171026

1.0.14 20170309

1.0.13 20160411

1.0.12 - 20151118

1.0.11 - 20150327

1.0.10 - 20150327

1.0.9 - 20150225

1.0.8 - 20141001

1.0.7 - 20140926

1.0.6 - 20140925

1.0.5 - 20140708

1.0.4 - 20140616

1.0.3 - 20140523

1.0.2 - 20140424

1.0.1 - 20140422

1.0: