Burps R Suite is a test application made to explore vulnerabilities on ASP.NET web applications.
Use .NET to compile and run the project:
git clone https://github.com/OutWrest/BurpsRSuite.git
cd BurpsRSuite
dotnet runThe app will run on http://localhost:5000/.
There are pre-made test accounts to try out:
Please note that the password rules are really lax to allow for faster testing.
| Username | Password | First Name | Last Name | Account Number | Answer 1 (Challenge Question) | Answer 2 (Challenge Question) | Has Two Factor | |
|---|---|---|---|---|---|---|---|---|
| user | asd | name | - | [email protected] | 123 | a | a | false |
| admin | T0tally1337Pa$$ | name | - | [email protected] | 1337 | a | a | false |
| secureUser | * | Secure | User | [email protected] | ** | * | * | true |
| secureUser** | * | VerySecure | User | [email protected] | ** | * | * | true |
| secureAdmin | * | Secure | Admin | [email protected] | ** | * | * | true |
*random lowercase letters (length = 5)
**random numbers (length = 2 for username and 9 for account number)
When closing a session while logged in, the browser saves the current cookie and loads it again in any new sessions. This causes exceptions because the users are deleted and reset every new session.
After clicking continue on the exceptions, delete the cookies and refresh the page.
There is a small chance that only some of the users will be created in a new session. It has something to do with the threads and I have no idea how to fix it.
Restart session and pray.