-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathBappDescription.html
29 lines (20 loc) · 2.11 KB
/
BappDescription.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
<p>This extension mutates ciphers to bypass TLS-fingerprint based bot detection.</p>
<h2>Usage</h2>
<p><b>Note:</b> This extension changes network settings at "Settings -> Network -> TLS" and selects "Use custom protocols and ciphers".</p>
<ol>
<li>Right-click on a Request/Response item in the Proxy History tab</li>
<li>Navigate to Extensions -> Bypass bot detection, and select one of the menu items</li>
<li>f the server's response changes (i.e., the number of words and headers are different), the extension will log the message and add notes to the Proxy History</li>
</ol>
<h2>Modes</h2>
<ul>
<li><b>Firefox Mode:</b> Install the following list of cipher suites: 4865, 4867, 4866, 49195, 49199, 52393, 52392, 49196, 49200, 49162, 49161, 49171, 49172, 156, 157, 47, 53 and add the Firefox User-Agent header</li>
<li><b>Chrome Mode:</b> Use cipher suites 4865, 4866, 4867, 49195, 49199, 49196, 49200, 52393, 52392, 49171, 49172, 156, 157, 47, 53 and add the Chrome User-Agent header</li>
<li><b>Safari Mode:</b> Include cipher suites 4865, 4866, 4867, 49196, 49195, 52393, 49200, 49199, 52392, 49162, 49161, 49172, 49171, 157, 156, 53, 47, 49160, 49170, 10 and add the Safari User-Agent header</li>
<li><b>HTTP2 Downgrade:</b> By default, Burp uses HTTP/2 to communicate with all servers that advertise support for it during the TLS handshake. When this feature is selected, Burp Suite will use HTTP/1 even if the server supports HTTP/2. It allows you to bypass aggressive HTTP/2 fingerprinting</li>
<li><b>Brute Force Mode:</b> Tries different combinations of TLS protocol versions and cipher suites. For a full list, visit <a href="https://github.com/PortSwigger/bypass-bot-detection/blob/d677ad52a3cad97aa51b39b66976e35490cef76d/src/main/java/net/portswigger/burp/extensions/Constants.java#L88">PortSwigger/bypass-bot-detection</a></li>
</ul>
<h2>Warning</h2>
<p>This extension modifies network settings during brute force attacks. It is not recommended to use this extension concurrently with other active scans.</p>
<p>This extension cannot bypass aggressive bot detection.</p>
<p>Copyright © 2024-2025 PortSwigger Ltd.</p>