Find Vulnerabilities In Web Applications With BurpSmartBuster
I just learned of the tools existence from one of Patrick's tweets.
Here is a DerbyCon presentation from 2016 about BurpSmartBuster.
BurpSmartBuster is a Burp Suite plugin;
- With the Objective of replacing dirbuster and dirb
- It uses a "smart" feature to goes beyond dirbuster and dirb
- It uses Burp to brute force files and directories based on URL's gathered by Burp
I have not tried this plugin yet, but it looks really cool and I want to get the word out about it.
I don't know how soon I can get to it given other things on plate right now.
If you have experience with it, please comment on how you like it.