[FEATURE] Count how many times a specified character or regular is matched in the response #210
Labels
Comments
Michelle-PortSwigger
added
the
duplicate
|
Hi We have had similar queries in the past (#97) so we'll link this together to track the feature request. I can't promise any timescales. |
|
Ok, thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello.
I am using Bchecks to find sensitive information in the response, such as "token".
The Bchecks I wrote always generate false positives when testing the login function. Because logging into the server will definitely return the user's token information. I would like to ask if Bchecks can count the number of times regular matches are made, for example, in Example 1, when two tokens are found, the problem is reported
Example 1 【need report】
{ "data": [{ "industry_name": "a", "token": "xxxx", }, { "industry_name": "b", "token": "xxxxxx", }] }No report example
{ "industry_name": "a", "token": "xxxx", }I am now checking if there are "login" characters in the requested URL to reduce false positives, but this is always missing. If there is a better way, please let me know. Thank you very much.
The text was updated successfully, but these errors were encountered: