Attack Surface Detector Burp Versions Save

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

1.1.3

5 years ago

Additions

  • Added the Ability to detect multiple frameworks within the same project
  • Added the ability to detect endpoints from multiple frameworks in the same project

Changes

  • Upgraded Ham engine for better framework compatibility.
  • Improved framework compatibility
  • Quality of life improvements

1.1.2

5 years ago

Additions

  • Added the Ability to import endpoints from an ASD CLI JSON output file
  • Added a help tab to the Attack Surface Detector
  • Added a link to download the ASD CLI tool

Changes

  • Upgraded Ham engine for better framework compatibility.
  • Updated the options tab to give better instructions and links to external resources
  • Changes to the validation process for importing endpoints

1.1.1

5 years ago

Additions

  • New File filters for source code selection to prevent erroneous formats.
  • The Attack Surface Detector can now import endpoints from a .war file containing source code

Changes

  • Comparison code Directory no longer defaults to the directory of the newer source code location
  • Redesigns options tab for the ASD plugin for better usability.
  • Modified README to help users and contributors alike.
  • Updates HAM engine version to fix compatibility issues

1.10

6 years ago

Additions

  • Added the ability to import endpoints from a zip file
  • Added the ability to import two different version of the same source code and compare them for changes.
  • Added UI Adjustments to make the design of the plugin more inline with Burp.

Changes

  • Comments inside requests now reflect if the endpoint was new/modified/unchanged
  • Request highlight colors have now changed to cyan for unchanged, magenta for modified, and orange for new endpoints
  • The Endpoint details view now highlights new endpoints as well as new/modified/deleted parameters.

1.01

6 years ago

Version 1.01 of the Attack Surface Detector adds better user documentation as well as updated maven dependencies. It also decreases bloat by removing legacy classes, and external packaging scripts.

Additions:

  • User guide
  • Install guide
  • ReadMe documentation

Changes:

  • Updates internal dependencies
  • Removes legacy code
  • Removes outdated packaging scripts

1.0

6 years ago

We're proud to release version 1.0

Additions

  • Added the ability to resize the endpoints table and endpoints detail area.
  • Added UI Adjustments to make the design of the plugin more inline with Burp.

Changes

  • Requests are now made directly from the discovered endpoints.
  • Changes Title above the endpoints detail area.
  • Target configuration had been changed from a url to individual host/port/path/https
  • Removes integration with the astam-correlator