Burp Suite Extensions 2020 #1

Burp Suite is definitely the most used tool for me on a daily basis since almost all of the engagements I work on involve some type of Web Application Penetration Testing.

Expect a more up-to-date list of the extensions I have installed, why I have them and how they’ve helped in the past.

Here is my Burp default load; notice the 500 tabs from all of the extensions

All of these are available within the BApp Store if you have Burp Suite Professional, except the last one ;]

The ones that I find really necessary out of all of the above are:

  • Additional Scanner Checks
  • Freddy
  • Exiftool Scanner
  • Software Version Reporter/Software Vulnerability Scanner
  • Error Message Checks
  • HTML5 Auditor
  • J2EEScan/Retire.js
  • Paramalyzer

That said, if you have the resources I’d really suggest using them all!

Don’t forget about GainSec’s Burp Suite Extension!

GoldenNuggets! (Click here to download)

End Transmission
