Shellshock Burp Scanning
Shellshock Burp Scanning
Shellshock Burp Scanning
Shellshock Burp Scanning
The following is a Java plugin for the web proxy Burp designed to detect CVE-2014-6271, or shellshock, during active scans of web applications. Further versions of the shellshock vulnerability, e.g. CVE-2014-7169, are not detected by this plugin. These versions require an existing code execution exploit against the remote system to trigger, and are therefore not included.
https://github.com/AccuvantLABS/burp-shellshock