Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → redhuntlabs → Burpsuite Asset_discover

redhuntlabs / Burpsuite Asset_discover

Licence: mit

Burp Suite extension to discover assets from HTTP response.

Programming Languages

139335 projects - #7 most used programming language

Labels

pentesting osint

Projects that are alternatives of or similar to Burpsuite Asset discover

A high performance offensive security tool for reconnaissance and vulnerability scanning

Stars: ✭ 2,312 (+1206.21%)

Mutual labels: osint, pentesting

Social Analyzer

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Stars: ✭ 8,449 (+4673.45%)

Mutual labels: osint, pentesting

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Stars: ✭ 6,882 (+3788.14%)

Mutual labels: osint, pentesting

Linkedin2username

OSINT Tool: Generate username lists for companies on LinkedIn

Stars: ✭ 504 (+184.75%)

Mutual labels: osint, pentesting

A tool to hunt for publicly accessible DigitalOcean Spaces

Stars: ✭ 122 (-31.07%)

Mutual labels: osint, pentesting

Bugcrowd Levelup Subdomain Enumeration

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Stars: ✭ 513 (+189.83%)

Mutual labels: osint, pentesting

Commoncrawlparser

Simple multi threaded tool to extract domain related data from commoncrawl.org

Stars: ✭ 25 (-85.88%)

Mutual labels: osint, pentesting

Sifter aims to be a fully loaded Op Centre for Pentesters

Stars: ✭ 403 (+127.68%)

Mutual labels: osint, pentesting

Information Security Tasks

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Stars: ✭ 108 (-38.98%)

Mutual labels: osint, pentesting

my oscp prep collection

Stars: ✭ 105 (-40.68%)

Mutual labels: osint, pentesting

Automatically Launch Google Hacking Queries Against A Target Domain

Stars: ✭ 432 (+144.07%)

Mutual labels: osint, pentesting

Burpsuite Xkeys

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Stars: ✭ 144 (-18.64%)

Mutual labels: osint, pentesting

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Stars: ✭ 427 (+141.24%)

Mutual labels: osint, pentesting

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Stars: ✭ 541 (+205.65%)

Mutual labels: osint, pentesting

Intelligence tool but without API key

Stars: ✭ 424 (+139.55%)

Mutual labels: osint, pentesting

Semi-automatic OSINT framework and package manager

Stars: ✭ 814 (+359.89%)

Mutual labels: osint, pentesting

swiss army knife for hackers

Stars: ✭ 346 (+95.48%)

Mutual labels: osint, pentesting

Python 3.5+ DNS asynchronous brute force utility

Stars: ✭ 370 (+109.04%)

Mutual labels: osint, pentesting

Pentesting Bible

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Stars: ✭ 8,981 (+4974.01%)

Mutual labels: osint, pentesting

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Stars: ✭ 126 (-28.81%)

Mutual labels: osint, pentesting

View All Similar Projects ➔

BurpSuite Extension - Asset Discover

Burp Suite extension to discover assets from HTTP response using passive scanning. Refer our blog Asset Discovery using Burp Suite for more details.

The extension is now part of the BApp store and can be installed directly from the Burp Suite. https://portswigger.net/bappstore/d927f0065171485981d6eb49a860fc3e

To know more about our Attack Surface Management platform, check out NVADR.

Description

Passively parses HTTP response of the URLs in scope and identifies different type assets such as domain, subdomain, IP, S3 bucket etc. and lists them as informational issues.

Setup

Setup the python environment by providing the jython.jar file in the 'Options' tab under 'Extender' in Burp Suite.
Download the extension.
In the 'Extensions' tab under 'Extender', select 'Add'.
Change the extension type to 'Python'.
Provide the path of the file ‘Asset_Discover.py’ and click on 'Next'.

Usage

Add a URL to the 'Scope' under the 'Target' tab. The extension will start identifying assets through passive scan.

Requirements

Code Credits

A large portion of the base code has been taken from the following sources:

License

The project is available under MIT license, see LICENSE file.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 177

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (3) 🔗