Timing Attack Extension for Burp Suite
Unmute
Mentor: Adele Miller, Security Engineer at Security Innovation
Team members: Luiza Cartaxo, Inbar Leibovich
Context:
Burp Suite is used by a huge percentage of security professionals, especially penetration testers. It is often used as an HTTP interception tool. Burp Suite's usefulness is greatly improved by a variety of plugins, many of which are free to use.
What you will do:
- Create a plugin for Burp Suite. This plugin will be polished and may be made publicly available to all users of the tool. I suggest that you create a timing attack tool for login forms or other actions. I am open to supporting other plugins.
Additional project tags: Cybersecurity, Penetration Testing
Recommended experience: Basic familiarity with Burp Suite, building and/or attacking full stack web applications
(If you are not planning on working in cyber security and have not worked with Burp Suite, I recommend working on another project.)
Team members: Luiza Cartaxo, Inbar Leibovich
Context:
Burp Suite is used by a huge percentage of security professionals, especially penetration testers. It is often used as an HTTP interception tool. Burp Suite's usefulness is greatly improved by a variety of plugins, many of which are free to use.
What you will do:
- Create a plugin for Burp Suite. This plugin will be polished and may be made publicly available to all users of the tool. I suggest that you create a timing attack tool for login forms or other actions. I am open to supporting other plugins.
Additional project tags: Cybersecurity, Penetration Testing
Recommended experience: Basic familiarity with Burp Suite, building and/or attacking full stack web applications
(If you are not planning on working in cyber security and have not worked with Burp Suite, I recommend working on another project.)
What tools did you use to create your project?
How much experience does your group have? Does the project use anything (art, music, starter kits) you didn't create?
CodeDay Labs advanced-track team
Made with 💖 by robots running our open-source software and GraphQL APIs.