Cyber Security News came across a new ChatGPT-powered Vulnerability detection Tool called “BurpGPT,” which helps security researchers to detect the vulnerabilities that traditional scanners might miss.
Like PentestGPT, a ChatGPT Powered Automated Penetration Testing Tool, BurpGPT was developed with deep vulnerability scanning features.
BurpGPT combines Burp Suite with OpenAI’s GPT to perform a passive scan to detect vulnerabilities and traffic-based analysis.
To detect the vulnerabilities in web applications, BurpGPT sends web traffic to an OpenAI model Specified by the user, enabling sophisticated analysis within the passive scanner.
Alexandre Teyar, a security researcher from the UK, developed BurpGPT. The plugin provides customizable prompts allowing customized web traffic analysis that adapts to each user’s demands.
“The extension generates an automated security report that summarises potential security issues based on the user’s prompt and real-time data from Burp-issued requests.”Alexandre said.
The add-on accelerates vulnerability assessment and gives security experts a higher-level overview of the scanned application or endpoint by utilizing AI and natural language processing.
BurpGPT Features:
Here the some of the features that come with BurpGPT.
* Adds a passive scan check, allowing users to submit HTTP data to an OpenAI-controlled GPT model for analysis through a placeholder system.
* Leverages the power of OpenAI’s GPT models to conduct comprehensive traffic analysis, enabling the detection of various issues beyond just security vulnerabilities in scanned applications.
* Enables granular control over the number of GPT tokens used in the analysis by allowing for precise adjustments of the maximum prompt length.
* Offers users multiple OpenAI models choices, allowing them to select the one that best suits their needs.
* Empowers users to customize prompts and unleash limitless possibilities for interacting with OpenAI models. Browse through the Example Use Cases for inspiration.
* Integrates with Burp Suite, providing all native features for pre-and post-processing, including displaying analysis results directly within the Burp UI for efficient analysis.
* Provides troubleshooting functionality via the native Burp Event Log, enabling users to resolve communication issues quickly OpenAI API.G
– Cyber Security News