Kali Linux

Admin-Panel_Finder : A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces

Admin-Panel_Finder is a burp suite extension that enumerates infrastructure and application Admin Interfaces.

OWASP References:

  • Classification: Web Application Security Testing > 02-Configuration and Deployment Management Testing
  • OTG v4: OWASP OTG-CONFIG-005
  • WSTG: WSTG-CONF-05

Why should I use this extension?

  • Multi-thread
  • Different and configurable levels of test.
  • Includable status codes
  • Excludable status codes
  • More than 1000 built-in payloads.
  • You can load your dictionary.
  • Editable root directory
  • Automatic detection of used technologies to generate custom payloads.
  • Passive listening to find login pages.

Installation

The quickest way is to load the jar file (adminPanelFinder.jar) in the extender tab of the Burpsuite.
Extender -> Extensions -> Add
A new tab will be added to the burp suite.

Quick Start

  • Select a request of a target host from any tab of the burp suite (it must have a response with any status code)
  • In the “Admin Panel Finder -> options” tab, apply your configurations.
  • Go to the “Admin Panel Finder -> Finder -> Finder” tab and click on the “start” button.

Some of the options

These options can be used to customize the detection:

  • Level: Level of tests to perform (1-5, default 3)
  • Thread: num of threads (1-50, default 10)
  • Built-in dictionary: there is a built-in dictionary containing the most used directory and file names to be used for static payload generation.
  • Loadable dictionary: you can use your dictionary file for static payload generation.
  • HTTP method: HTTP method to be used in requests (HEAD, GET)(default: Head)
  • Extension: The extension used in application pages. [Example: php, asp, aspx, jsp, …]
  • Root Dir: The path to the root directory of the web application. (Default: /)
  • Includable status codes
  • Excludable status codes

Build From Source Code

  • To build the project, you need Gradle installed.
  • Clone the repository
    git clone https://github.com/moeinfatehi/Admin-Panel_Finder
  • Open the main directory of the project (where build.gradle file exists) and run: gradle makeJar
  • The Jar file will be generated in “build/libs/Admin-Panel_Finder.jar”
Download
R K

Leave a Comment
Share
Published by
R K
Tags: Admin InterfacesAdmin-Panel_FinderBurpInfrastructure
4 years ago

Recent Posts

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

5 hours ago

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

6 hours ago

How To Debug Bash Scripts Using bash -x And set Commands

Introduction Debugging is an important part of Bash scripting. When a script does not work…

10 hours ago

How To Use Cron Jobs With Bash Scripts For Automation

Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…

11 hours ago

How To Use Pipes In Bash Scripts For Command Chaining

Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…

12 hours ago

How To Use grep, awk, And sed In Bash Scripts

Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…

13 hours ago