Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Content Discovery: custom wordlist

David | Last updated: Sep 21, 2015 02:01PM UTC

The Content Discovery functionality allow the use of built-in wordlists, but does not facilitate a custom word-/filelist. While the built-in wordlists are OK, sometimes it's useful to be able to define a custom list, just like you would within the intruder. The intruder can of course be used for discovery of content as well, but it would be very nice to be able to define a textfile in an input field within the "Filenames" section on the Content Discovery config tab.

Liam, PortSwigger Agent | Last updated: Sep 22, 2015 07:35AM UTC

Hi David Thanks for your request. We currently have this issue captured in our development backlog and do plan to enhance Burp with the relevant functionality. Unfortunately we cannot currently promise an ETA.

Burp User | Last updated: Jan 09, 2016 02:33AM UTC

Hi David, Intruder with SecLists is what you are looking for! Happy New Year, Kiran

PortSwigger Agent | Last updated: Feb 19, 2016 08:34AM UTC

Thanks for this feedback, which we completely agree with. We do have these feature requests captured in our (large) backlog. We will endeavour to deliver them but we can't currently promise an ETA, sorry.

Burp User | Last updated: Jun 16, 2016 08:21AM UTC

I absolutely support this request. However, I think there are even a couple of more important features: 1. Being able to cancel/pause/resume tasks in the "Queued Tasks" list. Maybe even change the order of execution of the tasks, as breath-first and depth-first is very important when you configure content-discovery to be recursive. 2. Being able to define the decision process of "URL exists/doesn't exist". This is currently pretty silly, for example generic 401 generated pages are marked as "page exists", therefore filling up the site map with garbage. From my experience this happens roughly on 50% of all websites, which kind of makes content-discovery unusable. Already being able to decide which HTTP response codes are added to the site map would be really helpful. However, having a short (eg. 30 requests with random URLs) training phase to check what the default behaviour of a website for 404 pages is would be an additional alternative that would be nice to have. 3. Being able to do content-discovery with a specific request as a template. I think something like "send to content-discovery" instead of "send to repeater". Content-Discovery would then use all the HTTP request headers of that request. At the moment content-discovery can not discovery any content in authenticated areas. For me content-discovery is one of the basic features needed for blackbox web pentest and I would appreciate every improvement. Although I thought about it, I decided against an extender plugin to implement this. The idea of duplicating the functionality of content-discovery first is really unpleasant. Let me know if I'm wrong or if I'm missing something.

Burp User | Last updated: Dec 19, 2016 06:34PM UTC

I am another user that would love to see the features outlined in Floyd's post. Content discovery could be a very useful tool, saving us from having to go outside of Burp to use other tools (and then figure out how to get the results back into Burp). I would also like to see the ability to annotate content (a comment tag, or a highlight color) that was discovered with the Content Discovery tool, so that we can easily filter a URL tree to see what was discovered. I especially agree that allowing the user to define the success/failure of content requests is crucial. We need to be able to define a set of parameters, such as response codes and regular expression content matches that define whether the application response is valid or not. Unfortunately right now the Content Discovery tool produces a lot of "tree clutter."

PortSwigger Agent | Last updated: Dec 20, 2016 09:58AM UTC

Look out for this week's release of Burp (1.7.15) which will deliver on some of these feature requests.

Burp User | Last updated: Mar 28, 2018 06:59PM UTC