Comments on PortSwigger.net - web application security: [V13P] Content discovery

In the Web Application Hacker's Handbook Chapter 4...

2010-03-01T12:36:19.390Z

In the Web Application Hacker's Handbook Chapter 4, they describe how you can use the Intruder from burpsuite to achieve "almost" the same results as you would with DirBuster. You basically create a GET message and capture it with your proxy, send it to the intruder, mark the position or file paths in the HTTP GET request and indicate the payload list you want to use to replace that

Looking around for some time to replace Dirbuster ...

2009-11-24T10:14:43.290Z

Looking around for some time to replace Dirbuster with a better tool, since Dirbuster is missing some needed features. It looks like this new addition to Burp will fill those gaps. Can't wait to test it! Hope the custom word lists can be added soon, because unless you come up with some really good word lists I prefer to use my own ;)

Hey, did anything new get added related to burp pl...

2009-11-24T09:35:49.584Z

Hey, did anything new get added related to burp plugins? :-)

@Anonymous Custom wordlists were on the wish-list...

2009-11-23T16:18:22.095Z

@Anonymous

Custom wordlists were on the wish-list, but didn't quite make the initial cut. Hopefully they'll get added pretty soon.

Any chance of being able to use third-party test c...

2009-11-23T16:13:45.106Z

Any chance of being able to use third-party test case files, kind of like DirBuster letting you define your own files to search for

Shouldn't that read dirbuster?

2009-11-23T15:49:04.509Z

Shouldn't that read dirbuster?