Kali Linux

Admin-Panel_Finder : A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces

Admin-Panel_Finder is a burp suite extension that enumerates infrastructure and application Admin Interfaces.

OWASP References:

  • Classification: Web Application Security Testing > 02-Configuration and Deployment Management Testing
  • OTG v4: OWASP OTG-CONFIG-005
  • WSTG: WSTG-CONF-05

Why should I use this extension?

  • Multi-thread
  • Different and configurable levels of test.
  • Includable status codes
  • Excludable status codes
  • More than 1000 built-in payloads.
  • You can load your dictionary.
  • Editable root directory
  • Automatic detection of used technologies to generate custom payloads.
  • Passive listening to find login pages.

Installation

The quickest way is to load the jar file (adminPanelFinder.jar) in the extender tab of the Burpsuite.
Extender -> Extensions -> Add
A new tab will be added to the burp suite.

Quick Start

  • Select a request of a target host from any tab of the burp suite (it must have a response with any status code)
  • In the “Admin Panel Finder -> options” tab, apply your configurations.
  • Go to the “Admin Panel Finder -> Finder -> Finder” tab and click on the “start” button.

Some of the options

These options can be used to customize the detection:

  • Level: Level of tests to perform (1-5, default 3)
  • Thread: num of threads (1-50, default 10)
  • Built-in dictionary: there is a built-in dictionary containing the most used directory and file names to be used for static payload generation.
  • Loadable dictionary: you can use your dictionary file for static payload generation.
  • HTTP method: HTTP method to be used in requests (HEAD, GET)(default: Head)
  • Extension: The extension used in application pages. [Example: php, asp, aspx, jsp, …]
  • Root Dir: The path to the root directory of the web application. (Default: /)
  • Includable status codes
  • Excludable status codes

Build From Source Code

  • To build the project, you need Gradle installed.
  • Clone the repository
    git clone https://github.com/moeinfatehi/Admin-Panel_Finder
  • Open the main directory of the project (where build.gradle file exists) and run: gradle makeJar
  • The Jar file will be generated in “build/libs/Admin-Panel_Finder.jar”
Download
R K

Leave a Comment
Share
Published by
R K
Tags: Admin InterfacesAdmin-Panel_FinderBurpInfrastructure
3 years ago

Recent Posts

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

6 days ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

6 days ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

6 days ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

6 days ago

Essential Commands for Linux User Listing

Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…

6 days ago

Command-Line Techniques for Listing Linux Users

Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…

1 week ago