Burp Suite Professional BChecks developed both by PortSwigger and the community with 🧡
Example BChecks to help you get started, covering:
- Blind SSRF via out-of-band detection
- Exposed git directory
- Leaked AWS Tokens
- Log4Shell via out-of-band detection
- Server Side Prototype Pollution
- Suspicious Input Transformation
BChecks for specific vulnerabilities which have a CVE.
BChecks for specific vulnerability classes, as opposed to discrete vulnerabilities.
Other BChecks doing all the wonderful things which we didn't imagine.
If you click the ? icon in the top right of the BChecks sub-tab in the Extensions tab, you will be linked to the documentation.
Online documentation can be found here: https://portswigger.net/burp/documentation/scanner/bchecks
Blogs to follow when it hits our Stable release channel.
Please issue a pull request.