Interesting Files Scanner extends Burp Suite's active scanner, with scans for interesting files and directories. A main feature of the extension is the check for false positives with tested patterns for each case. Furthermore, a Burp Suite tab is present to select/unselect the checks, to avoid network overload.
For example the following file checks are implemented:
- Interesting Files such as .git/config
- SSH private keys
- Various .key files
- Common PHP files and the corresponding backup files
- SQL database files
- Download Burp Suite Pro: http://portswigger.net/burp/download.html
- Download Jython standalone JAR: http://www.jython.org/downloads.html
- Burp Suite -> Extender -> Options -> Python Environment -> Select File -> Choose the Jython standalone JAR
- Clone the GitHub repository: git clone https://github.com/modzero/interestingFileScanner.git
- Burp Suite -> Extender -> Add -> Extension type: Python -> Extension file: "downloaded interestingFileScanner.py" -> Next
- Go to "Interesting Files Scanner" tab in Burp Suite and configure the extension for your needs
You can configure the scans Interesting Files Scanner will perform, select the Interesting File Scanner tab in Burp Suite and select the file checks that may apply to your scenario. Per default all checks are selected.
Furthermore, you can choose if you want Interesting Files Scanner to scan all subdirectories discovered on the target domain. Therefore, unselect the checkbox 'Scan once per domain', which is selected by default.
This extension requires Burp Suite Professional and Jython 2.5 or later standalone. (http://www.jython.org)
The project was inspired by the following projects:
- https://github.com/hannob/snallygaster
- https://github.com/albinowax/ActiveScanPlusPlus
- https://github.com/unamer/CTFHelper/blob/master/CTFhelper.py
Thanks @floyd_ch for code review.
Please feel free to contact, if you miss any interesting file checks or discover any bugs. Only file checks with sufficient patterns, to avoid false positives, can be implemented.