This Burp Extension was created by Certus Cybersecurity to help find type confusion vulnerabilities in applications.
For more information, please refer to the blog post, which will be linked here soon.
This extension complements Burp's active scanner by substituting integer and boolean JSON values with their string equivalents to check whether variable types are being validated on the server side.
Any JSON body in an HTTP request will be re-submitted with the string equivalent. For example:
{
"id":34,
"name":"John",
"role":"basic",
"extended":false
}
Will be transformed to:
{
"id":"34",
"name":"John",
"role":"basic",
"extended":false
}
If the HTTP response is successful, this indicates that variable types are not being checked on the server side.
Ensure you have the Jython standalone JAR file attached to Burp, then import the extension.py file.
Use GitHub issues to raise any problems. Contributions and feature requests are welcome.
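The substitution described above, as an added example that is not the extension's own code: `string_variants` walks a JSON body (including nested objects and arrays, which goes beyond the flat example) and emits one mutated body per integer or boolean value, and `strict_type_check` shows the exact-type validation a server needs to reject those variants. The sample body, the one-variant-per-field strategy and the `EXPECTED_TYPES` schema are assumptions for this example.

```python
import json
from typing import Any, Dict, List, Tuple

# Constructed sample request body, mirroring the README's example.
SAMPLE_BODY = '{"id":34,"name":"John","role":"basic","extended":false}'


def _walk(node: Any, path: Tuple):
    """Yield (path, value) for every scalar in a parsed JSON document."""
    if isinstance(node, dict):
        for key, val in node.items():
            yield from _walk(val, path + (key,))
    elif isinstance(node, list):
        for idx, val in enumerate(node):
            yield from _walk(val, path + (idx,))
    else:
        yield path, node


def _set(node: Any, path: Tuple, value: Any) -> None:
    """Replace the scalar at `path` inside a parsed JSON document."""
    for key in path[:-1]:
        node = node[key]
    node[path[-1]] = value


def string_variants(body: str) -> List[Tuple[str, str]]:
    """Return (field_path, mutated_body) pairs, one per integer/boolean value,
    each with only that value replaced by its string form (34 -> "34",
    false -> "false"); one variant per field is an assumption of this example."""
    variants = []
    for path, value in _walk(json.loads(body), ()):
        # bool is a subclass of int in Python, so this catches both kinds.
        if isinstance(value, (bool, int)):
            mutated = json.loads(body)  # fresh copy so each variant is independent
            _set(mutated, path, json.dumps(value))  # json.dumps(False) == "false"
            variants.append((".".join(map(str, path)),
                             json.dumps(mutated, separators=(",", ":"))))
    return variants


# Hypothetical server-side schema: the exact JSON type each field must have.
EXPECTED_TYPES: Dict[str, type] = {"id": int, "name": str, "role": str, "extended": bool}


def strict_type_check(body: str, schema: Dict[str, type]) -> List[str]:
    """Server-side validation: return the fields whose JSON type does not match
    the schema exactly. `type(x) is t` (not isinstance) is deliberate, so that
    true/false is rejected where an int is expected and "34" where int is."""
    doc = json.loads(body)
    return [k for k, t in schema.items() if k not in doc or type(doc[k]) is not t]
```

A server that returns success for any body in `string_variants(SAMPLE_BODY)` is exhibiting exactly the missing type check the extension looks for.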