Skip to content
Burp extension to passively scan for applications revealing software version numbers
Branch: master
Clone or download
Pull request Compare This branch is 15 commits ahead, 2 commits behind augustd:master.
pajswigger Merge pull request #5 from augustd/master
New detection patterns, Eliminate false positives, Bug fixes
Latest commit a29f0c6 Jan 30, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
.gitignore
.travis.yml
BappDescription.html
BappManifest.bmf
README.md
pom.xml

README.md

Build Status Dependency Status

burp-suite-software-version-checks

This Burp Suite extension passively detects applications revealing server software version numbers during scanning, spidering etc.

Often the server version is revealed only on error responses, which may not be visible during the normal course of testing. Some examples are:

  • "Apache Tomcat/6.0.24 - Error report"
  • "Server: Apache/2.2.4 (Unix) mod_perl/2.0.3 Perl/v5.8.8"
  • "X-AspNet-Version: 4.0.30319"

Match rules are loaded from a remote tab-delimited file at extension startup.

Users can also load their own match rules from a local file or using the BApp GUI.

You can’t perform that action at this time.