OutBandit is a user-friendly Burp Suite extension written in Java, used by security professionals to test web applications for out of band exfiltration attacks on Windows and Linux environments, and to identify and exploit vulnerabilities.

mymuzzy/OutBandit

OutBandit

OutBandit is a user-friendly Burp Suite extension written in Java, used by security professionals to test web applications for out of band exfiltration attacks on Windows and Linux environments, and to identify and exploit vulnerabilities.

Download from here

https://github.com/mymuzzy/OutBandit/releases/tag/v1.0.0

Detailed installation and usage:

https://muzkkir.com/2023/03/14/outbandit-usage/

Description:

Out-of-band (OOB) attacks are a serious threat to the security of web applications. These attacks allow attackers to communicate with a compromised system or application in a way that goes undetected, making them particularly dangerous. For that reason I created the OutBandit tool, which can perform a wide range of out-of-band attacks in seconds.

To help security professionals test for these types of attacks, the OutBandit tool was developed. Built as an extension for the widely used Burp Suite web application security testing tool, OutBandit is written in Java and can test web applications running on both Windows and Linux environments.

One of the key advantages of OutBandit is its ability to test applications built using different technologies such as Python, Java, .NET, PHP, and Node.js. This makes it a highly flexible tool that can be customized to meet the specific needs of different applications.

OutBandit can perform a wide range of attacks, including the following:

  • Command Injection

  • XML External Entity

  • SQL Injection

  • Server-Side JavaScript Injection

  • Server-Side Includes

  • Server-Side Template Injection

  • Remote File Inclusion

  • Open Redirection

  • Simple Mail Transfer Protocol

  • Code Injection

  • Deserialization

  • Expression Language Injection

Another key feature of OutBandit is its ability to work with both internet-facing and intranet-facing applications. It can also send both HTTP and DNS requests, which is what makes this tool unique.

Overall, OutBandit is a powerful and comprehensive tool for testing the security of web applications. Its ability to work with different technologies and network environments makes it an ideal asset for security professionals looking to ensure the security of their applications and infrastructure. By identifying vulnerabilities that may be missed by other testing methods, OutBandit can help organizations stay ahead of the latest cyber threats and keep their systems and applications secure.

Feedback and Queries

If you want to report issues or problems, feel free to contact me on LinkedIn:

https://www.linkedin.com/in/hussenimuzkkir/

Thank you
