.

Streamline Burp Intruder attacks with Payload Processing Regex

<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Wed Sep 19, 2012 7:22 pm

Streamline Burp Intruder attacks with Payload Processing Regex

Ladies and gentlemen, I am so proud to announce to you my first ever official info-sec related stand alone blog post! ;D  Seriously, I've had this domain sitting around for a couple of years just for this purpose. Finally a) had some extra time and b) had something neat to share.  So, enjoy!

http://www.stormthe.net/?p=14
Poking at security since 1986.  +++ATH
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Sep 19, 2012 9:10 pm

Re: Streamline Burp Intruder attacks with Payload Processing Regex

The first post is always the easiest!

Seriously though, that's a good start. I like the domain too.

You might want to adjust your WordPress settings so you get clean URLs, instead of the ?p=14, etc.
The day you stop learning is the day you start becoming obsolete.
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Fri Sep 21, 2012 3:15 pm

Re: Streamline Burp Intruder attacks with Payload Processing Regex

ajohnson wrote:The first post is always the easiest!

Seriously though, that's a good start. I like the domain too.

You might want to adjust your WordPress settings so you get clean URLs, instead of the ?p=14, etc.


I dunno about the first being easiest... took me two years to get that one up! :)
Poking at security since 1986.  +++ATH
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sat Sep 22, 2012 2:07 am

Re: Streamline Burp Intruder attacks with Payload Processing Regex

Looks good from a quick skim, it's rarely I see people talk about the more advanced functions of Burp, so it's great to see someone took the time  ;D
I'm an InterN0T'er
<<

m0wgli

User avatar

Sr. Member
Sr. Member

Posts: 308

Joined: Fri Jul 20, 2012 3:34 pm

Post Sat Sep 22, 2012 7:35 am

Re: Streamline Burp Intruder attacks with Payload Processing Regex

Nice first post. I haven't really delved into the more advanced functions of Burp too much yet, but I tried out your technique earlier today and can really see the usefulness of it.

Like MaXe says it's good to see someone talking about the more advanced functions of Burp, and any more posts like this would be most welcome.

Also thanks for sharing your wordlists.
Security + | OSWP | eCPPT (Silver & Gold) | CSTA
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Sun Sep 23, 2012 10:49 pm

Re: Streamline Burp Intruder attacks with Payload Processing Regex

Thanks guys... been getting nice feedback from the post, maybe i'll have to do an "Advanced Burp" series... :)
Poking at security since 1986.  +++ATH
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Mon Sep 24, 2012 4:03 am

Re: Streamline Burp Intruder attacks with Payload Processing Regex

Cool site really nice to layout makes it a pleasure to read.
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Mon Sep 24, 2012 9:08 am

Re: Streamline Burp Intruder attacks with Payload Processing Regex

Nice write-up man!  Burp is one of those tools I wish I can put more time in, well I sort of wish I could put more time into pen testing but my current job does not demand I do that so I have to focus energies elsewhere.  But still good to know when the demand changes or when I am feeling red-teamy and want to play in my lab.
Certs: GCWN
(@)Dewser

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software