StaticAnalyzer is a burp plugin that can be used to perform static analysis of the response information from server during run time. It will search for specific words in the response that is mentioned in the vectors.txt
Tested in BurpSuite Pro How to use?
- Download the StaticAnalyzer.jar file or build the Jar file from the source code by importing the project in eclipse
- Create a file called vectors.txt in the same location where the BurpSuite executable jar is located and add some vectors []
- Now start burpsuite
- Go to the extender tab
- Click Add and Select the StaticAnalyzer.jar file
Test site : http://housing-agent-pitch-68636.bitballoon.com/
- Keep Browsing the application or right click on any target and click actively scan this host
Now you can see in the body the word "git" is highlighted