Black Hat Python Python Programming for Hackers and Pentesters by Unknown
				
							 
							
								
							
							
							Author:Unknown
							
							
							
							Language: eng
							
							
							
							Format: epub
							
							
							
																				
							
							
							
							
							
							
							
							
							
							
Figure 6-13. Sending the requests to the BHP Wordlist extension
Now check the output tab of the extension. In practice, we’d save its output to a file, but for
demonstration purposes we display the wordlist in Burp, as shown in Figure 6-14.
You can now feed this list back into Burp Intruder to perform the actual password-guessing
attack.
Figure 6-14. A password list based on content from the target website
We have now demonstrated a small subset of the Burp API, including being able to generate our
own attack payloads as well as building extensions that interact with the Burp UI. During a
penetration test you will often come up against specific problems or automation needs, and the
Burp Extender API provides an excellent interface to code your way out of a corner, or at least
save you from having to continually copy and paste captured data from Burp to another tool.
In this chapter, we showed you how to build an excellent reconnaissance tool to add to your Burp
tool belt. As is, this extension only retrieves the top 20 results from Bing, so as homework you
could work on making additional requests to ensure that you retrieve all of the results. This will
require doing a bit of reading about the Bing API and writing some code to handle the larger
results set. You of course could then tell the Burp spider to crawl each of the new sites you
discover and automatically hunt for vulnerabilities!
[13] Visit http://www.bing.com/dev/en-us/dev-center/ to get set up with your own free Bing API key.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
What's Done in Darkness by Kayla Perrin(26765)
The Ultimate Python Exercise Book: 700 Practical Exercises for Beginners with Quiz Questions by Copy(20352)
De Souza H. Master the Age of Artificial Intelligences. The Basic Guide...2024 by Unknown(20172)
D:\Jan\FTP\HOL\Work\Alien Breed - Tower Assault CD32 Alien Breed II - The Horror Continues Manual 1.jpg by PDFCreator(20163)
The Fifty Shades Trilogy & Grey by E L James(19231)
Shot Through the Heart: DI Grace Fisher 2 by Isabelle Grey(19218)
Shot Through the Heart by Mercy Celeste(19078)
Wolf & Parchment: New Theory Spice & Wolf, Vol. 10 by Isuna Hasekura and Jyuu Ayakura(17258)
Python GUI Applications using PyQt5 : The hands-on guide to build apps with Python by Verdugo Leire(17197)
Peren F. Statistics for Business and Economics...Essential Formulas 3ed 2025 by Unknown(17038)
Wolf & Parchment: New Theory Spice & Wolf, Vol. 03 by Isuna Hasekura and Jyuu Ayakura & Jyuu Ayakura(16960)
Wolf & Parchment: New Theory Spice & Wolf, Vol. 01 by Isuna Hasekura and Jyuu Ayakura & Jyuu Ayakura(16589)
The Subtle Art of Not Giving a F*ck by Mark Manson(14550)
The 3rd Cycle of the Betrayed Series Collection: Extremely Controversial Historical Thrillers (Betrayed Series Boxed set) by McCray Carolyn(14281)
Stepbrother Stories 2 - 21 Taboo Story Collection (Brother Sister Stepbrother Stepsister Taboo Pseudo Incest Family Virgin Creampie Pregnant Forced Pregnancy Breeding) by Roxi Harding(13930)
Scorched Earth by Nick Kyme(12917)
Drei Generationen auf dem Jakobsweg by Stein Pia(11115)
Suna by Ziefle Pia(11039)
Scythe by Neal Shusterman(10505)
