To develop modern web applications front-end, Javascript like ReactJS, AngularJS, or NodeJs, HTML, and CSS are very popular.
Developers generally include comments and metadata in the code for the debugging purpose, and those comments and metadata sometimes contain information regarding critical and sensitive assets like internal IPs, Sensitive/Confidential domains, or URLs.
If the code with the comments and metadata is shipped to the production environment, the potential hackers use this data to perform more active attacks.
Hence it is very important to check the front-end code like HTML, JavaScript, or CSS files for any sensitive assets information.
Manually reviewing all the front-end code is very time-consuming and not feasible, so to automate this task, we can use the Asset Discover extension for Burp Suite.
Asset Discovery Extension Overview
Asset Discovery Extension automates the task of assets discovery by reviewing all the HTTP responses as part of passive scanning to identify sensitive assets information like domain, subdomain, IP, S3 bucket, etc.
How to Install Asset Discovery Extension
Step 1: Open Terminal
Step 2: Enter the command clone the Asset Discover Extension
git clone https://github.com/redhuntlabs/BurpSuite-Asset_Discover.git
Step 3: Open Burp Suite
Step 4: Click on the Extender tab.
Step 5: Click on the Add Button
Step 6: Set the Extension type as Python and Select the Asset_Discover.py file in the BurpSuite-Asset_Discover folder and click open.
Step 7: Click the Next Button and then click close.
Once the Asset Discover extension is installed, we can see the extension in the Burp Extension Tab.
How to use Asset Discover Extension
Asset Discover uses Burp Suite Passive Scanning to review HTTP responses to identify sensitive asset information.
Steps run the Asset Discovery Extension.
Step 1: Go to Target Tab in Burp Suite
Step 2: Select and Right click on the Domain that you want to scan
Once the scan is complete, we can see the results in the issue Tab.
