This is part two of a three part series on detecting traffic generated by the security tool Burp Suite. These methods are by no means exhaustive, but are simple tricks that can be used for detecting some of the malicious traffic on your web server.
I recently started to review the automated vulnerability scanner Burp Suite because of its widespread usage. The tool is used by many security bounty hunters, security professionals, and blackhat hackers for automated scanning and vulnerability detection. While I was using Burp, I was wondering to myself how easy it is for a server to detect that I am using this tool.
There’s always a gamble for security researchers when reporting vulnerability disclosures to companies. Is the company going to read your report? How will they react to me testing their security? Where can I send this report anyway? These are some of the questions the researcher is going to contemplate before making a decision that can financially impact the company they are trying to help.
The Facebook badges page was vulnerable to stored Cross-Site Scripting (XSS). This was initially reported back in August 2013, but due to communication problems over e-mail it wasn’t fixed until early January. Neither party is to blame, but this shows some of the difficulties that companies can face communicating with security researchers.
I discovered a vulnerability on Facebook that allowed you to send notifications to any user on Facebook. This could have been used to spam any content you wanted to all users on Facebook.