Burp Suite scanner plugin based on Vulners.com vulnerability database API
- Search fingerprints in http response (inspired by plugin "Software Version Reporter") and check found version in vulners.com vulnerability database
- [Experemental] Check unique URLs in vulners.com finding exploits for such paths
If Vulners Plugin detects vulnerable software it will show you CVE, advisoroies and even applicable exploits!
- Oracle java version "1.8.0_291"
- Maven
- Python 2 + 3
- Radamsa to fuzz your programs
Execute
apt install jython jruby libcanberra-gtk-module libcanberra-gtk3-module gcc make git wget -y && pip install frida && python3 -m pip install frida && pip install Pyro4 && python3 -m pip install Pyro4 && cd /usr/share && git clone https://gitlab.com/akihe/radamsa.git && cd radamsa && make && make install && echo "HAL 9000" | radamsa && cd && cd /usr/share && git clone https://github.com/PortSwigger/software-vulnerability-scanner.git && apt install maven -y && cd software-vulnerability-scanner && mvn package && cd
Click to download and install it executing:
chmod +x burpsuite_community_linux_v2021_8.sh && ./burpsuite_community_linux_v2021_8.sh
Click to download and install it executing:
chmod +x burpsuite_pro_linux_v2021_8.sh && ./burpsuite_pro_linux_v2021_8.sh
Open Burp Suite -> Extender -> Options -> Python Enviroment -> Location of jython standalone JAR file:
/usr/share/jython/bin/jython
Open Burp Suite -> Extender -> Options -> Ruby Enviroment -> Location of jRuby JAR file:
/usr/share/jruby/bin/jruby
Open Burp Suite -> Extender -> BApp Store -> Sort by Last updated-> Install all extensions
Open Burp Suite -> Extender -> Extensions -> Add -> Extension file (.jar) Select file -> burp-vulners-scanner-1.2.jar
You cand find it in this folder /usr/share/software-vulnerability-scanner/target
Now login/singup here and generate/copy your API Key
Is time to open BurpSuite TAB called Software Vulnerability Scanner and add yours.
Manual activation
java -javaagent:BurpSuiteLoader_v2021.6.1.jar -noverify -jar burpsuite_pro_v2021.6.1.jar &
open keygen(activator) 👇🏼
java -jar burploader-old.jar &
Open BurpSuite (with 7GB of Memory RAM for be fastly)
java -javaagent:BurpSuiteLoader_v2021.6.1.jar -noverify -jar -Xmx7G burpsuite_pro_v2021.6.1.jar &
Open Burp Suite -> Extender -> Options -> Python Enviroment -> Location of jython standalone JAR file:
/usr/share/jython/bin/jython
Open Burp Suite -> Extender -> Options -> Ruby Enviroment -> Location of jRuby JAR file:
/usr/share/jruby/bin/jruby
Open Burp Suite -> Extender -> BApp Store -> Sort by Details-> Install all Pro extensions
Now login/singup here and generate/copy your API Key
Is time to open BurpSuite TAB called Software Vulnerability Scanner and add yours.