Skip to content

Releases: pmiaowu/BurpFastJsonScan

BurpFastJsonScan-1.0.5

31 Dec 08:40
@pmiaowu pmiaowu
BurpFastJsonScan-1.0.5
78fc330
Compare
Choose a tag to compare
BurpFastJsonScan-1.0.5

经过实战中使用,一个小伙伴提交了一个问题,该问题是对方内网发包过慢,导致程序结束了,dnslog还没收到,最终导致漏报

故现在二次验证时间增长,提高容错

建议更新

Assets 3
Loading

BurpFastJsonScan-1.0.4

23 Dec 03:37
@pmiaowu pmiaowu
BurpFastJsonScan-1.0.4
67a140e
Compare
Choose a tag to compare
BurpFastJsonScan-1.0.4

1, 删除了cookie上的json检测(不然产生的无用扫描有点多了)
2, 部分有害payload修改为Unicode编码测试绕过waf

建议更新

Assets 3
Loading

BurpFastJsonScan-1.0.3

21 Dec 08:43
@pmiaowu pmiaowu
BurpFastJsonScan-1.0.3
3537937
Compare
Choose a tag to compare
BurpFastJsonScan-1.0.3

bug修复

修复json检测的问题

之前 Content-Type: application/json; charset=UTF-8 与 Content-Type: application/data; charset=UTF-8 会直接认为是json不检测数据导致有的是图片也会直接跑检测

Assets 3
Loading

BurpFastJsonScan-1.0.2

18 Dec 07:34
@pmiaowu pmiaowu
BurpFastJsonScan-1.0.2
82d6e1f
Compare
Choose a tag to compare
BurpFastJsonScan-1.0.2

payload更新-增加了fastjson1.2.24的利用

建议更新

Assets 3
Loading

BurpFastJsonScan-1.0.1

17 Dec 09:17
@pmiaowu pmiaowu
BurpFastJsonScan-1.0.1
bd987bf
Compare
Choose a tag to compare
BurpFastJsonScan-1.0.1

增加了四个单纯检测dnslog的payload

建议更新

Assets 3
Loading

BurpFastJsonScan-1.0.0

17 Dec 06:24
@pmiaowu pmiaowu
BurpFastJsonScan-1.0.0
0d3877b
Compare
Choose a tag to compare
BurpFastJsonScan-1.0.0

burp插件fastjson初版上线

Assets 3
Loading