Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Professional 1.3.05

26 May 2010 at 10:20 UTC

SHA256: {SHA FROM OPTION GOES HERE} MD5: {MD5 FROM OPTION GOES HERE}

This release adds a number of new checks to Burp Scanner, to report the following issues:

  • File upload functionality

  • Robots.txt

  • SSL certificate problems

  • SQL syntax in request parameters

  • Silverlight crossdomain policy

  • Disclosure of social security numbers

  • Disclosure of credit card numbers

  • Disclosure of database connection strings

  • Disclosure of server-side source code

  • ASP.NET tracing enabled

  • ASP.NET debugging enabled

  • HTTP PUT enabled

It must be said that many of these aren't the most exciting issues you can find in web applications, but they are all checks that people have been asking for. And even seemingly banal issues can often lead to bigger things so are worth investigating.