Contact Us
Our Address

5015 Observer Ln

Woodbridge, VA 22192

info@politoinc.com

Call Us
  • White LinkedIn Icon
  • White Facebook Icon
  • White Twitter Icon
  • White Google+ Icon

© 2018 by Polito, Inc. All rights reserved. Privacy Policy.

MASTERCRAFTED

Yara-Scanner for Burp Suite

Polito has developed a plugin to integrate Burp Suite (both the Professional and the Free versions) and allow the use of the Yara pattern matching and detection against website content. 

Introducing: Yara-Scanner

Polito has developed a plugin for Burp Suite to allow integration with the Yara pattern matching tool in order to allow Yara scans of website content. This content can include anything captured by Burp Suite, such as HTML or JavaScript content, request or response headers, and URL parameters. Use cases involve scanning for obfuscated or malicious content on websites in order to identify compromised / altered pages, obfuscated code, web shells, or other indications of malicious activity or website compromise.

Scan with Yara in Burp Suite

Select any item in the Site Map and scan it with Yara

Product Details

  • Yara-Scanner facilitates the use of Yara directly from within Burp Suite in order to scan site content for specific patterns. This can be useful to detect web shells, obfuscated JavaScript, embedded redirection code, or other indicators of malicious activity on a web site.

  • Any content that is displayed in Burp Suite’s Site Map can easily be scanned using Yara and one or multiple Yara rules files from a context menu option (provide a screenshot)

  • Burp Suite will invoke Yara and display the results of Yara scanning on the Yara Output tab if a match is detected. The output will include the Request / Response pair that contained a match as well as the Yara rule that matched against that Request / Response.

  • The plugin is written in Jython thus requires the installation of a Jython interpreter (provide a link).

  • The plugin also requires the Yara executable to be located on the computer where Burp Suite is running. 

  • The plugin is available in the BApp Store so installation requires a single click from within Burp Suite.

  • For the latest developments download the version at the Polito Github page.

If you have questions about the plugin or need help securing your web or mobile application, contact us today.

MASTERFUL

Our team of experts is ready to MasterCraft your custom cyber security solution. Contact us today and experience what Masterful Cyber Security is all about.