Hi, Folks,
Since the last post on Intruder, I've been seeing questions come up on how to pull out data from a large number of results. I wanted to take some time to throw a quick post on how you can leverage some of the more advanced options in Intruder to automatically pull some information out. One of the suggestions that comes straight from PortSwigger is to use the Grep Extract option to pull data from responses.
Today, I'm going to demonstrate this functionality using WebGOAT.NET, a project that's freely available on OWASP and Github so you can follow along.
more here...................http://blog.nvisium.com/2014/08/intro-to-burpsuite-v-extracting.html
Since the last post on Intruder, I've been seeing questions come up on how to pull out data from a large number of results. I wanted to take some time to throw a quick post on how you can leverage some of the more advanced options in Intruder to automatically pull some information out. One of the suggestions that comes straight from PortSwigger is to use the Grep Extract option to pull data from responses.
Today, I'm going to demonstrate this functionality using WebGOAT.NET, a project that's freely available on OWASP and Github so you can follow along.
more here...................http://blog.nvisium.com/2014/08/intro-to-burpsuite-v-extracting.html