Awesome Open Source
Awesome Open Source

Build Status Known Vulnerabilities


This Burp Suite extension passively detects applications revealing server software version numbers during scanning, spidering etc.

Often the server version is revealed only on error responses, which may not be visible during the normal course of testing. Some examples are:

  • "Apache Tomcat/6.0.24 - Error report"
  • "Server: Apache/2.2.4 (Unix) mod_perl/2.0.3 Perl/v5.8.8"
  • "X-AspNet-Version: 4.0.30319"

Match rules are loaded from a remote tab-delimited file at extension startup.

Users can also load their own match rules from a local file or using the BApp GUI.

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
java (31,337
penetration-testing (244
pentest (208
burpsuite (57
scanning (55
burp-extensions (33
burp-plugin (28
burp (23