This is part two of a three part series on detecting traffic generated by the security tool Burp Suite. These methods are by no means exhaustive, but are simple tricks that can be used for detecting some of the malicious traffic on your web server.
I decided to take a look at the security of Valve’s websites recently after noticing Valve put up a security disclosure page two weeks ago. Although I did take a look at non-Steam websites, I focused almost entirely on the Steam Community and store because of how widely it is used via the Steam client.
I submit these issues and most of them were fixed within a week. So if you know of any Steam or Valve related product exploits and haven’t had a chance or are not sure how to report them, you can send the vulnerabilities in an email to firstname.lastname@example.org.
I recently started to review the automated vulnerability scanner Burp Suite because of its widespread usage. The tool is used by many security bounty hunters, security professionals, and blackhat hackers for automated scanning and vulnerability detection. While I was using Burp, I was wondering to myself how easy it is for a server to detect that I am using this tool.