BChecks
Burp Suite Professional BChecks developed both by PortSwigger and the community with 🧡
Documentation and Blogs
If you click the ? icon in the top right of the BChecks sub-tab in the Extensions tab, you will be linked to the documentation.
Online documentation can be found here
BChecks: Houston, we have a solution! (blog)
Community submissions
Please issue a pull request and follow the process outlined here
the BChecks
Examples
Example BChecks to help you get started, covering:
- Blind SSRF via out-of-band detection
- Exposed git directory
- Leaked AWS Tokens
- Log4Shell via out-of-band detection
- Server Side Prototype Pollution
- Suspicious Input Transformation
Vulnerabilities CVEd
BChecks for specific vulnerabilities which have a CVE.
Vulnerability classes
BChecks for specific vulnerability classes as opposed to discrete vulnerabilities.
Other
Other BChecks doing all the wonderful things which we didn't imagine.