Skip to content

Burp extension to passively scan for applications revealing software version numbers

Notifications You must be signed in to change notification settings

augustd/burp-suite-software-version-checks

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Build Status Known Vulnerabilities

burp-suite-software-version-checks

This Burp Suite extension passively detects applications revealing server software version numbers during scanning, spidering etc.

Often the server version is revealed only on error responses, which may not be visible during the normal course of testing. Some examples are:

  • "Apache Tomcat/6.0.24 - Error report"
  • "Server: Apache/2.2.4 (Unix) mod_perl/2.0.3 Perl/v5.8.8"
  • "X-AspNet-Version: 4.0.30319"

Match rules are loaded from a remote tab-delimited file at extension startup.

Users can also load their own match rules from a local file or using the BApp GUI.

About

Burp extension to passively scan for applications revealing software version numbers

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published