Burp Suite 2022.5.1 Released – What’s New !!

Recently, PortSwigger has released a brand-new version of Burp Suite for Professional and Community users. The newly released version, Burp Suite 2022.5.1 contains numerous improvements and bug fixes.

Burp Suite is well-known by its informal name, “Pentester’s Swiss Army Knife,” it’s a complete set of tools for web application pentesters. This security tool is developed and maintained by PortSwigger, and it’s written in Java that allows security testing of web applications.

The Burp Suite is the ultimate toolset designed for web application pentesters. It is their most reliable companion and provides them with a complete set of tools. 

It contains various internal tools of the following:-

  • Proxy
  • Target
  • Scanner
  • Spider
  • Intruder
  • Repeater
  • Collaborator client
  • Clickbandit
  • Sequencer
  • Decoder
  • Extender
  • Comparer

PortSwigger created and maintains this pentesting tool for web applications, written in Java, that can be used to test web applications from the browser.

With this new release of Burp Suite, the developers have added one new feature that is particularly efficient and valuable:-

  • JWT scan checks

Feedback on BApp performance impact

With the BApp Store, you can now see in-app feedback about how far some BApps place a load on your system because you can see how many resources they use.

In order to estimate the system impact, the following categories are used:-

  • Memory: Essentially, it indicates how much of an impact the BApp is likely to have on the usage of memory by Burp Suite.
  • CPU: You can see an estimate on it of how much additional work your computer has to do as a consequence of the BApp.
  • Time: The figure highlights the impact of the Burp Suite BApp on the time it takes to load.
  • Scanner: It presents the likely impact on the amount of time required for a scan.
  • Overall: Among all of these categories, this one has the highest impact rating.

New Features & Improvements

Here below we have mentioned all the newly added features and improvements in Burp Suite 2022.5.1:-

  • The list of insertion points for scanning has been expanded to include a handful of Google Analytics cookies that are commonly used.
  • During this revision, developers have tweaked the mechanism by which they identified locations to audit after the crawl is complete in order to improve the performance of the Burp Scanner.
  • With the new feature of defining separate timeouts for the crawl and audit phases, you will be able to override the global project settings that are included in your scan configuration.
  • Improved Repeater tab behavior
  • Set headers in session handling options
  • Skip unauthenticated crawling during scans
  • Verify upstream TLS
  • Browser upgrade (Chromium 102.0.5005.61)
  • Changes to Java requirements

Bug Fixes

Here below we have mentioned all the bug fixes:-

  • There were some performance issues that users experienced when using Intruder with large resource pools has been fixed now.
  • This update fixes a problem that caused the Copy Attack Configuration menu item in the Intruder to sometimes not respond.
  • There was a problem with scan configurations that has been fixed.
  • The live passive crawl task did not automatically process responses pushed by repeaters as a result of a bug that had been fixed in this release.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

New Phishing Attack Poses as Zoom Meeting Invites to Steal Login Credentials

A newly identified phishing campaign is targeting unsuspecting users by masquerading as urgent Zoom meeting…

51 minutes ago

New Hannibal Stealer Uses Stealth and Obfuscation to Evade Detection

A newly identified piece of malware, dubbed the "Hannibal Stealer," has emerged as a significant…

57 minutes ago

Chinese APT Hackers Target Organizations Using Korplug Loaders and Malicious USB Drives

Advanced persistent threat (APT) groups with ties to China have become persistent players in the…

1 hour ago

Cache Timing Techniques Used to Bypass Windows 11 KASLR and Reveal Kernel Base

Cache timing side-channel attacks have been used to circumvent Kernel Address Space Layout Randomization (KASLR)…

1 hour ago

Hackers Exploit AutoIT Scripts to Deploy Malware Targeting Windows Systems

Cybersecurity researchers have unearthed a sophisticated attack leveraging AutoIT, a long-standing scripting language known for…

3 hours ago

New Report Finds 67% of Organizations Experienced Cyber Attacks in the Last Year

A disturbing 67% of businesses in eight worldwide markets—the US, UK, Spain, the Netherlands, Germany,…

4 hours ago