Skip to content

Installation

Jump to bottom
matthewD-AVI edited this page Feb 21, 2019 · 9 revisions

Attack Surface Detector Plugin Installation

Install Burp

  1. Download and install the latest build of PortSwigger BurpSuite from http://portswigger.net/burp/

Professional

  • Scanner functionality available.
  • The plugin will run source code analysis and seed endpoints into the target sitemap, and optionally run the spider and active scanning functionality.

Community

  • Scanner unavailable
  • Plugin will run source code analysis and send seeded endpoints to Target and Spider; Scanner will not run

Install Attack Surface Detector Plugin Manually

  1. Download latest Attack Surface Detector Burp addon file from https://github.com/secdec/attack-surface-detector-burp/releases
  2. Launch Burp
  3. Navigate to the Extender tab
  4. Click Add in Burp Extensions section
  5. In the popup, browse to attacksurfacedetector-release-#.jar (Note: The plugin file must be named attacksuracedetector-release-#.jar, where "#" is some number. This should be the default name when you download/grab the plugin.)
  6. Click Open
  7. Notice a new tab should now be available Attack Surface Detector

Install Attack Surface Detector Plugin from BApp store

  1. Download and install the latest version of Burp
  2. Launch Burp
  3. Select the 'Extender' tab
  4. Select the 'BApp Store' sub tab
  5. Select 'Attack Surface Detector'
  6. Click install
  7. Notice a new tab should now be available Attack Surface Detector
Clone this wiki locally