This is a repository about how to Weaponize Burp Suite with extensions for Bug Bounty Hunting. Burp Suite is an amazing tool for Bug Hunting, Penetration Testing Web Applications.
If a bug hunter or penetration tester can implement his own bug hunting mindset in BurpSuite, he can hunt bugs much more powerfully and faster than before.
According to a tweet I published on Twitter, it has been decided to release the methodology for Weaponize Burp Suite This is the repository for this methodology :)
- Burp Bounty Pro
- Logger++
- AutoRepeater
In this methodology, we add our custom payloads in AutoRepeater and create a response of Payload filter in Logger++. So when we are browsing our target website AutoRepeater is replacing payloads in requests and send to server, Logger++ is logs the all AutoRepeater Requests if detect our filters in Logs you send request to Repeater and try to Exploit
I have added examples of each vulnerability in this repository, but you should add more payloads. In the vulnerability examples, I'll show you how to configure and add your own custom payloads to make your burp powerful.