New Burp Feature - ClickBandit
If you've ever worked through a web application pentest and found clickjacking vulnerabilities,you may have had some trouble in the "why is this important" conversation with your client.
The newest versions of Burp (after 1.6.32) have a new feature called "ClickBandit". ClickBandit will create the clickjacking attack for you, so you can illustrate the business impact to your client on their own site. There's nothing like a video of their own site getting exploited to bring the point home!
More details on this new feature here: http://blog.portswigger.net/2015/12/burp-clickbandit-javascript-based.html.
===============
Rob VandenBrink
Compugen
Keywords: Burp clickjacking
1 comment(s)
×
Diary Archives
Comments
Anonymous
Dec 14th 2015
8 years ago