buby keyword search send

cktricky edited this page Jun 3, 2011 · 4 revisions

Author(s):

Ken Johnson [CKTRICKY]

Description:

Searches Burp's proxy history for parameters that match a keyword list (the keywords are listed in the LFILE). When a match is found, the module sends the request to repeater and intruder and then alerts the user of the activity.

References:

None

Module Options:

LFILE   wordlists/buby/keywords.txt   true       Directory Traversal Strings File
RURL    http://www.example.com        true       Enter the remote url value

Options Explained (Module Specific):

RURL -- The search only returns keywords found in parameters of requests to this site (the RURL).

LFILE -- This is the keyword list you'd prefer to use.

Real world example:

NOTE: When you set RURL, make sure that this value is in Burp's target scope. Otherwise it won't run. This is to avoid producing results on sites you don't care about.

I'd like to search through Burp's proxy history for requests whose query parameters match my keyword list. While I could use the default list provided by wXf, I have my own list. I'll place that list under the datum/wordlists/buby directory for easy retrieval, then type reload lfiles and choose my file. The name of my keyword file is my_keywordlist.txt.

set LFILE wordlists/buby/my_keywordlist.txt
set RURL http://www.example.com
run

If wXf has found anything in Burp's proxy history that matches my keyword search, I will see an alert, along with the request string that was sent to both repeater and intruder.
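The filtering described above, as an added Ruby example that is not wXf's own code: it keeps only history entries on the RURL site and reports which query parameters match the keyword list. The URLs and keywords are constructed sample data, the helper names are hypothetical, and matching on parameter names (case-insensitively) is an assumption; handing the request to repeater and intruder is not reproduced here.

```ruby
require 'uri'

# Constructed keyword list, standing in for the contents of an LFILE.
KEYWORDS = %w[file path redirect].freeze

# Constructed URLs standing in for Burp proxy-history entries.
HISTORY = [
  'http://www.example.com/view?file=report.pdf&id=7',
  'http://www.example.com/login?user=bob',
  'http://cdn.example.net/get?path=/img/a.png',
  'http://www.example.com/go?Redirect=%2Fhome&file=',
  'http://www.example.com/static/app.js'
].freeze

# Assumption: an entry belongs to RURL when scheme, host and port all match.
def same_site?(uri, rurl)
  base = URI.parse(rurl)
  uri.scheme == base.scheme && uri.host == base.host && uri.port == base.port
end

# Returns [[url, [matched parameter names]], ...] for entries on the RURL site
# whose query parameter names equal a keyword (case-insensitive; assumption).
def keyword_hits(history, rurl, keywords)
  wanted = keywords.map(&:downcase)
  history.each_with_object([]) do |url, hits|
    uri = begin
      URI.parse(url)
    rescue URI::InvalidURIError
      next # skip entries that are not parseable URLs
    end
    next unless uri.query && same_site?(uri, rurl)

    names = URI.decode_www_form(uri.query).map(&:first)
    matched = names.select { |n| wanted.include?(n.downcase) }.uniq
    hits << [url, matched] unless matched.empty?
  end
end

if __FILE__ == $PROGRAM_NAME
  keyword_hits(HISTORY, 'http://www.example.com', KEYWORDS).each do |url, names|
    puts "#{names.join(',')}  #{url}"
  end
end
```

The entry on cdn.example.net contains a keyword but is dropped because it is not on the RURL site, which mirrors the scoping behaviour described in the NOTE.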