Rapid7 AppSec Plugin
Item logo image for Rapid7 AppSec Plugin

Rapid7 AppSec Plugin

Featured
3.7(

3 ratings

)
Item media 3 screenshot
Item media 4 screenshot
Item media 1 screenshot
Item media 2 screenshot
Item media 3 screenshot
Item media 4 screenshot
Item media 1 screenshot
Item media 2 screenshot
Item media 1 screenshot
Item media 2 screenshot
Item media 3 screenshot
Item media 4 screenshot

Overview

Rapid7 AppSec Plugin

The Rapid7 AppSec plugin works with Rapid7 InsightAppSec and AppSpider dynamic application security testing solutions to improve application scanning coverage and assist in validating vulnerabilities with these capabilities: Macro Recording - Use the plugin to record macros required by InsightAppSec and AppSpider Enterprise when selecting the Macro Authentication scan configuration. Macro Authentication enables the crawling engine of InsightAppSec and AppSpider to authenticate with complex login workflows. Vulnerability Validator - Use the vulnerability validator in conjunction with the Attack Replay feature in InsightAppSec and AppSpider. This feature of the Chrome plugin enables users to replay and edit recorded traffic generated during an InsightAppSec or AppSpider scan. Bootstrap Authentication - The Chrome plugin is required to use AppSpider Enterprise's Bootstrap Authentication feature, which gives the user the ability to interactively login to the target application during an active scan. Used for login workflows that require human interaction for example 2FA (Two-factor authentication). Traffic Recorder - Record the interactions (like HTTP GET and POST requests) between the front end application and the back end server in a Traffic File. InsightAppSec can replay these interactions to authenticate into your application. For support related to this plugin, please contact chrome_plugin@rapid7.com

3.7 out of 53 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Rahul KumarApr 26, 2022

Not able to execute it on the configured URL, throwing msg?.startsWith error.

Review's profile picture

Brian LooApr 8, 2018

helps me validate findings, create login macros, bootstrap logins.

1 person found this review to be helpful
Review's profile picture

Orlando Barrera IIMar 10, 2017

Very useful extension for AppSpider Enterprise. In order to enable these features in AppSpider Enterprise you need to modify NTOE.config file and change <macroPlugin Enabled="false" /> line to <macroPlugin Enabled="True" />

1 person found this review to be helpful

Details

  • Version
    4.6.6
  • Updated
    September 16, 2023
  • Offered by
    Rapid7
  • Size
    39.99MiB
  • Languages
    English (United States)
  • Developer
    Rapid7
    120 Causeway St Boston, MA 02114 US
    Email
    chrome_extension@rapid7.com
  • Trader
    This developer has identified itself as a trader per the definition from the European Union.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, visit the developer's support site

Related

IP, DNS & Security Tools | HackerTarget.com

4.2(31)

Quick access to IP, DNS & Network Tools. Check DNS, Whois, ASN, Traceroute, Ping and more. Tools for technical operators.

Pulsedive Threat Intelligence

5.0(28)

Highlight IPs, domains, and URLs on any website to enrich them using Pulsedive's free threat intelligence data set.

HackBar

4.1(48)

A browser extension for Penetration Testing

Vulners Web Scanner

4.5(19)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

Shodan

4.5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

Qualys Browser Recorder

3.6(8)

Qualys Browser Recorder is a free browser extension to record & play back scripts of any web application.

Burp Suite Navigation Recorder

5.0(3)

Improve your Burp Suite scan coverage by manually capturing how to perform complex actions on your website.

retire.js

4.9(7)

Scanning website for vulnerable js libraries

Recorded Future

4.8(22)

The Recorded Future Browser Extension provides real-time threat intelligence that is just a click away in any web-based application.

Tenable.io Web Application Scanning

3.0(3)

This extension helps you easily create and manage your web application scans for Tenable.io Web Application Scanning.

Cyber Web Tools

1.0(5)

Chrome extension to analysis your website security. It provides various tools to find web security loopholes.

IP, DNS & Security Tools | HackerTarget.com

4.2(31)

Quick access to IP, DNS & Network Tools. Check DNS, Whois, ASN, Traceroute, Ping and more. Tools for technical operators.

Pulsedive Threat Intelligence

5.0(28)

Highlight IPs, domains, and URLs on any website to enrich them using Pulsedive's free threat intelligence data set.

HackBar

4.1(48)

A browser extension for Penetration Testing

Vulners Web Scanner

4.5(19)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

Shodan

4.5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

Qualys Browser Recorder

3.6(8)

Qualys Browser Recorder is a free browser extension to record & play back scripts of any web application.

Burp Suite Navigation Recorder

5.0(3)

Improve your Burp Suite scan coverage by manually capturing how to perform complex actions on your website.

Google apps