Kali Linux

Admin-Panel_Finder : A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces

Admin-Panel_Finder is a burp suite extension that enumerates infrastructure and application Admin Interfaces.

OWASP References:

  • Classification: Web Application Security Testing > 02-Configuration and Deployment Management Testing
  • OTG v4: OWASP OTG-CONFIG-005
  • WSTG: WSTG-CONF-05

Why should I use this extension?

  • Multi-thread
  • Different and configurable levels of test.
  • Includable status codes
  • Excludable status codes
  • More than 1000 built-in payloads.
  • You can load your dictionary.
  • Editable root directory
  • Automatic detection of used technologies to generate custom payloads.
  • Passive listening to find login pages.

Installation

The quickest way is to load the jar file (adminPanelFinder.jar) in the extender tab of the Burpsuite.
Extender -> Extensions -> Add
A new tab will be added to the burp suite.

Quick Start

  • Select a request of a target host from any tab of the burp suite (it must have a response with any status code)
  • In the “Admin Panel Finder -> options” tab, apply your configurations.
  • Go to the “Admin Panel Finder -> Finder -> Finder” tab and click on the “start” button.

Some of the options

These options can be used to customize the detection:

  • Level: Level of tests to perform (1-5, default 3)
  • Thread: num of threads (1-50, default 10)
  • Built-in dictionary: there is a built-in dictionary containing the most used directory and file names to be used for static payload generation.
  • Loadable dictionary: you can use your dictionary file for static payload generation.
  • HTTP method: HTTP method to be used in requests (HEAD, GET)(default: Head)
  • Extension: The extension used in application pages. [Example: php, asp, aspx, jsp, …]
  • Root Dir: The path to the root directory of the web application. (Default: /)
  • Includable status codes
  • Excludable status codes

Build From Source Code

  • To build the project, you need Gradle installed.
  • Clone the repository
    git clone https://github.com/moeinfatehi/Admin-Panel_Finder
  • Open the main directory of the project (where build.gradle file exists) and run: gradle makeJar
  • The Jar file will be generated in “build/libs/Admin-Panel_Finder.jar”
Download
R K

Leave a Comment
Share
Published by
R K
Tags: Admin InterfacesAdmin-Panel_FinderBurpInfrastructure
3 years ago

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

1 week ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

1 week ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

2 weeks ago