/BChecks

BChecks collection for Burp Suite Professional

GNU Lesser General Public License v3.0 (LGPL-3.0)

BChecks

Burp Suite Professional BChecks developed both by PortSwigger and the community with 🧡

Documentation and Blogs

Clicking the ? icon in the top right of the BChecks sub-tab in the Extensions tab links you to the documentation.

Online documentation can be found here

BChecks: Houston, we have a solution! (blog)

Burp Suite Short (video)

Community submissions

Please issue a pull request and follow the process outlined here

The BChecks

Examples

Example BChecks to help you get started, covering:

  • Blind SSRF via out-of-band detection
  • Exposed git directory
  • Leaked AWS Tokens
  • Log4Shell via out-of-band detection
  • Server Side Prototype Pollution
  • Suspicious Input Transformation

/examples

Vulnerabilities CVEd

BChecks for specific vulnerabilities which have a CVE.

/vulnerabilities-CVEd

Vulnerability classes

BChecks for specific vulnerability classes as opposed to discrete vulnerabilities.

/vulnerability-classes

Other

Other BChecks doing all the wonderful things which we didn't imagine.

/other