See Getting Started section of the readme. This upgrade gives several security and performance benefits. This release upgrades Burp installer JRE to 19.0.2. This release upgrades Burp's browser to Chromium 1.49 for Linux and Mac and 1.49/50 for Windows. We have upgraded DOM Invader to fix a bug whereby if a user disabled CSP with prototype pollution functionality enabled, then the system would continue to ignore CSP security headers when the user disabled prototype pollution. This release includes changes that enable Burp Scanner to better handle single-page applications (SPAs). You can now right-click a WebSocket message and use the context menu to send the message to your extension. We have also continued to update our Montoya API support for WebSockets. In addition, issue references are now present on extension-generated reports. We have fixed a bug that prevented report generation through the Montoya API.Every request and response now has a unique ID, so you can track which request caused each response.We have continued to update the Montoya API: The default placeholder regex already matches a placeholder in the predefined payload lists.Ĭollaborator interactions that result from an Intruder attack are shown in the Intruder results window, instead of the Collaborator tab. A payload processing rule that replaces a specified placeholder regex with a collaborator payload.
A new payload type that generates Collaborator payloads, then inserts these at your configured payload positions.We have updated Burp Intruder to enable the use of Collaborator payloads in attacks. Collaborator payloads in Intruder attacks This release introduces support for Collaborator payloads in Intruder attacks, some SPA scanning improvements, and more upgrades for the the Montoya API, and upgrades to the browser and JRE.
Burp Suite Professional 2023.3.2 ChangeLog
0 kommentar(er)
