HUNT: Data-Driven Web Hacking and Manual Testing
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore a comprehensive 44-minute conference talk from AppSecUSA 2017 that introduces HUNT, a powerful Burp Suite extension designed to enhance web hacking and manual testing. Learn how this data-driven tool leverages real-world vulnerability data to provide parameter-level suggestions for identifying critical issues like SQL Injection, Command Injection, and File Inclusion vulnerabilities. Discover how HUNT aims to organize common web hacking methodologies within Burp Suite, making it easier to assess large, complex applications more thoroughly. Gain insights into the tool's core functionality, data-driven design, and its potential to turbocharge web hacking without sacrificing efficiency.
Syllabus
Intro
Contributions
The Problems
Current Solutions
Introducing HUNT
Level 1 - HUNT Scanner
Bug Location (Tribal Knowledge)
Vulnerability Locations
Advisory
SQL Injection
Server Side Request Forgery AAA
Insecure Direct Object Reference
Server Side Template Injection
Debug & Logic Parameters
HUNT Scanner Implementation
Level 2 - HUNT Methodology
Methodologies
Description
Multiple Request/Response
Resources
Notes
Methodology Implementation
Plugin Installation
Installation - Plugin
Setting Target Scope
Setting Passive Scanner Scope
Running the Passive Scanner
Scanner Extensibility
Methodology Extensibility
Taught by
OWASP Foundation