Bug Hunter Handbook

Burp Suite Tips and Tricks

https://twitter.com/jon_bottarini/status/1140700782343278592 - Match and Replace
- https://twitter.com/intigriti/status/1192103070072741894 - Additonal
https://twitter.com/Regala_/status/1032563800405360640 - Find Refernces
Favourite Plugins - https://twitter.com/intigriti/status/1093128957921251328
https://twitter.com/trimstray/status/1088019484118528000
Burp Hacks - https://www.youtube.com/watch?v=boHIjDHGmIo
https://twitter.com/trimstray/status/1068095885026955264
https://portswigger.net/research/adapting-burp-extensions-for-tailored-pentesting
https://twitter.com/ranjit_pahan/status/1126191087331053568
Favourite plugins - https://twitter.com/nnwakelam/status/1162453221027307525
https://twitter.com/gwendallecoguic/status/1138383809106391040 - Burp Collaborator
https://parsiya.net/blog/2019-10-13-quality-of-life-tips-and-tricks-burp-suite/
https://twitter.com/Dinosn/status/1212706039553908737
https://twitter.com/Agarri_FR/status/1217148102366388226
https://twitter.com/fs0c131y/status/1221717980322631681 - Favourite Extensions
https://twitter.com/fasthm00/status/1228118057144537088
https://www.coalfire.com/Solutions/Coalfire-Labs/The-Coalfire-LABS-Blog/june-2018/protips-testing-applications-using-burp-and-more
https://portswigger.net/blog/burps-new-crawler
https://twitter.com/jon_bottarini/status/1140700782343278592
https://twitter.com/Unknownuser1806/status/1225698253867405315 - Extension
Burp Extensions - https://twitter.com/search?q=Burp%20Extensions%20%23bugbounty&src=typed_query
https://github.com/elespike/burp-cph
https://vdalabs.com/2020/05/08/burpsuite-extensions-some-favorites/
Are you using @Burp_Suite with @firefox and don' want see the http://detectportal.firefox.com requests? Try this steps: https://twitter.com/firefox/status/841843869205598208
https://portswigger.net/blog/burp-suite-tips-from-power-user-and-hackfluencer-stok

Just released my first@Burp_Suite plugin. If you use multiple browsers through burp, check this out:aurainfosec/burp-multi-browser-highlightingHighlight Burp proxy requests made by different browsers - aurainfosec/burp-multi-browser-highlightinggithub.com

Automating Web Apps Input fuzzing via #Burp Macros http://blog.securelayer7.net/automating-web-apps-input-fuzzing-via-burp-macros/

Need to import multiple URL;s in to burp suite - https://twitter.com/search?q=parallell%20bugbountytip&src=typed_query

cat yahoourls.txt| parallel -j 10 curl --proxy http://127.0.0.1:8080 -sk > /dev/null

https://github.com/thegsoinfosec/BurpSuite_payloads

urlgrab --url SITE_HERE.com --ignore-ssl --proxy socks5://127.0.0.1:8080

https://github.com/allyomalley/BurpParamFlagger/

PreviousBugBounty Short Write-ups NextHackerOne Reports

Last updated 1 year ago