
Topic: Adaptive Injection Payloads Burp Extension - Advice/Suggestions

_Enigma
(Tools section seemed to be more about professionally made tools, thought the general section was more appropriate)

Been spending the last week or so playing around with the Burp Extender API and I have a project idea that I've been starting to plan out. I'm not sure if something like it already exists; if so, I'd love to check it out for some inspiration. I basically want two extensions that will assist in avoiding blacklists for types of injections:

1. Blacklist Intruder scanner: By giving it the context of an injection point it'll try all types of special characters and see how the application reacts (whether they show up in the HTML response at that location or not). The results of the scan will then output to a file.

2. Adaptive Injection: I want to circumvent the issue of the free version of Burp's Intruder being time-throttled by allowing the user to have a large list of different types of injection (e.g. XSS) using different characters, event handlers, etc., but based off the results of the blacklist scanner it will reduce XSS attempts to a subset of signatures with a higher likelihood of success (i.e. if <, >, and " are blocked it won't try any signature using those characters). Again, the extension verifies whether the injection is in the response or not.

I was wondering if the community had any ideas/suggestions for ways to expand on the idea :)?

 


