The best Burp plugin I’ve ever seen

Wanted to share with you what IMHO is the most promising Burp Suite plugin that just might transform it to the best penetration tool ever. It’s the Vulners plugin, available for free at github (https://github.com/vulnersCom/burp-vulners-scanner). If you are lazy like me, a build is available here: https://github.com/vulnersCom/burp-vulners-scanner/releases/download/1.1/burp-vulners-scanner-1.1.jar

Installation

It’s easy if you know how to deal with a plugin in Burp. If you don’t know, please find a video here:

Extender->Extensions->Add->Extension in file (.jar)

Configuring

The developer recommends enabling all the experimental features. No surprises here. There is only one of them and it is called “use scan by location paths”. This feature provides the ability to correlate all the URL paths from live traffic with an exploits database to suggest applicable vulnerability bulletins. It’s a super useful thing, just enable it!

Using

If you would like to avoid false positives or add some new checks there you may add detection rules in the “Scan rules” tab.
It’s the easiest way to extend your Burp capabilities with custom regexps/signatures to catch something application specific.

Conclusion

Why it’s better than Nessus you may ask? Just because it’s traffic-related checks! Nessus will never find a /wordpress-x/ directory for you but your browser together with Burp Suite can easily solve this task. The modern web cannot be crawled, it should be sniffed instead.