TryHackMe: Web Fundamentals
- author:: Nathan Acks
- date:: 2022-01-10
Burp Suite: Other Modules
Burp Suite displays hashes in the “Hex” view by default; to convert them into the (hex) ASCII string you’re used to, encode this output as “ASCII Hex”.
Sequencer is a tool for analyzing the entropy of a collection of tokens. Tokens can either be loaded in from a manual list, or “live” captured with the help of an example query imported from another module.
It can take a lot of tokens to run a reasonable entropy analysis; generally you’ll want something north of 10,000 examples (so, probably not something you can generate just by browsing around normally!).
Manual analysis can be conducted after the capture has either been stopped or paused. Alternately, checking the “Auto analyze” box will cause Burp Suite to run an analysis after every 2500 captures.
Burp Suite: Extender
The Extender Interface
The Extender tab allows Burp Suite modules to be loaded from from disk. Requests are passed through all modules, from top to bottom.
The BApp Store
Modules provided by the Burp Suite App Store can be accessed and installed through the “BApp Store” tab. Extensions installed through this route can actually modify parts of the Burp Suite interface (adding new tabs, etc.).