Entries by putsi

,

Custom HTML on private collaborator domain

Hosting a private Burp Collaborator on custom domain can be very handy. However it currently has some limitations, one of them being the hard-coded index page.
It would be useful to be able to customize the web page. For example, the default page could instruct viewers how to contact the collaborator owner. Another example would be serving any additional payload files from the same domain.
There are hackish ways to achieve it, but not all are working as intended so let’s take a look how not to do it and how to actually do it.

,

Self-hosted Burp collaborator with custom domain

The Burp Suite Collaborator is a valuable tool for penetration testers and bug bounty hunters. It basically gives you unique subdomains and logs all interactions (DNS, HTTP(S), SMTP) towards the subdomain. This can be used for example to detect SSRF-vulnerabilities and exfiltrate data.

Burp Suite Professional provides a collaborator service under the domain burpcollaborator.net and using it is usually fine. However on the rare occasions it can be blacklisted / blocked or otherwise unreachable from the target. Luckily, the Burp collaborator can also be self-hosted and set to use a whole custom domain.