
PortSwigger has released a new version of Burp Suite 2022.5.1 for Professional and Community users that contains numerous bug fixes.
The Burp Suite is the ultimate toolset for web application pentesters with a complete set of tools as given below:-
- Proxy
- Target
- Scanner
- Spider
- Intruder
- Repeater
- Collaborator client
- Clickbandit
- Sequencer
- Decoder
- Extender
- Comparer
The tool is written in Java, that can be used to test web applications from the browser. One new feature set added to the suite is JWT scan checks.
Advertisements
To estimate the system impact, the following categories are used:-
- Memory
- CPU
- Time
- Scanner
- Overall
The newly added features and improvements in Burp Suite 2022.5.1:-
- The list of insertion points for scanning, expanded to include Google Analytics cookies that are commonly used.
- Identification of locations to audit after the crawl is complete in order to improve the performance of the Burp Scanner.
- Individual timeouts for crawl that will override global config settings
- Improved Repeater tab behavior
- Set headers in session handling options
- Skip unauthenticated crawling during scans
- Verify upstream TLS
- Browser upgrade (Chromium 102.0.5005.61)
- Changes to Java requirements
Advertisements
Here below we have mentioned all the bug fixes:
- Performance issues that some users faced when using Intruder with large resource pools.
- Issue fixation of Intruder’s Copy attack config menu item was sometimes unresponsive.
- Scan configuration improvement of Crawl using my provided logins only setting was not displaying correctly on the edit configuration menu.
- The live passive crawl task was not automatically processing responses pushed from Repeater.