Burp Suite User Forum


Find pages that should be protected by a session cookie

Keith | Last updated: Apr 12, 2024 11:03AM UTC

I'm using Burp Suite Pro, and an authenticated scan generates the target map of my web app. I want to automate a check to find pages that generate a valid response (non-303) when a session cookie is not provided. I've used Repeater to manually find unprotected pages. Is there a method to re-scan the target map with no or invalid cookies? I want to find map pages that are not generating the 303 redirect to the login page.

Syed, PortSwigger Agent | Last updated: Apr 15, 2024 09:21AM UTC

Hi Keith,

Thank you for your message!

Have you tried writing a BCheck for this? BChecks allow you to script tests tailored specifically to your needs, enhancing the scanner's capability to detect vulnerabilities that are most relevant to your applications. You can use a simple scripting language to define these checks, which are saved as .bcheck files and can be imported into Burp Suite. This approach enables a more agile security testing process, as you don't have to wait for new checks to be integrated into the platform natively. You can quickly create a BCheck for emerging threats, like zero-day vulnerabilities, and integrate them into your testing routine immediately.

https://portswigger.net/burp/documentation/scanner/bchecks

I hope that helps.
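As an added illustration of the approach suggested above (not code from the thread or from PortSwigger), the following BCheck replays each request from the authenticated crawl with its Cookie header removed and reports pages that still answer 200 instead of redirecting to the login page. It assumes the BCheck v2-beta syntax; the check name, description and issue wording are constructed for this example, and the session is assumed to be carried in the Cookie header.

```bcheck
metadata:
    language: v2-beta
    name: "Page reachable without session cookie"
    description: "Replays each authenticated request without its Cookie header and flags pages that still return 200 rather than redirecting to the login page."
    author: "example (not PortSwigger)"
    tags: "access-control", "session"

# Runs once per request in the scan; the base request is the authenticated one
# captured during the crawl.
given request then
    # Only consider pages the authenticated user could actually load.
    if {base.response.status_code} is "200" then
        # Replay the same request with no session cookie at all.
        send request called unauth:
            removing headers "Cookie"

        # A protected page should redirect (e.g. 303) to the login page.
        # A 200 here means the content was served without a session.
        if {unauth.response.status_code} is "200" then
            report issue:
                severity: medium
                confidence: tentative
                detail: "The page returned HTTP 200 when the request was sent without a session cookie. The authenticated request also returned 200, so this page may not be enforcing authentication."
                remediation: "Confirm manually in Repeater. If the page is intended to be private, enforce the session check server-side so unauthenticated requests are redirected to the login page."
        end if
    end if
```

Import the .bcheck file under Extensions > BChecks and run an authenticated scan; the check fires once per crawled request, so the target map is effectively re-tested cookie-less in a single pass. Confidence is set to tentative because some pages (public assets, landing pages) legitimately return 200 for everyone, and because an application that serves a login form with a 200 status instead of a redirect would also be flagged; in that case add a condition on the response body (for example, `{unauth.response.body} does not contain "<login form marker>"`) to exclude it.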
