Capabilities

Below is a non-exhaustive list of BLACKBIRD’s capabilities. You are always welcome to explore our interactive demo or contact us with any question about BLACKBIRD.

Security testing capabilities

A non-exhaustive list of vulnerability types covered out of the box:

  • OS Command Injection
  • SQL Injection
  • Server-Side Request Forgery (SSRF)
  • Server-Side Template Injection (SSTI)
  • Local File Inclusion (LFI)
  • Local File Disclosure (LFD)
  • Remote File Inclusion (RFI)
  • CORS Misconfiguration
  • Cross-Site Scripting (XSS)
  • Subdomain Takeover
  • Open URL Redirect
  • JavaScript Static Code Analysis
  • Sensitive Data Exposures

Beyond the list above, BLACKBIRD can test for many other vulnerability types, CWEs and CVEs.

Automation features

  • REST API
  • BLACKBIRD Burpsuite Integration Extension
  • Slack, Discord, Telegram and Email instant notification API
  • CI/CD Integration
  • GitHub/Jira Issue ticketing system integration

Reporting capabilities

BLACKBIRD allows you to export your data in:

  • JSON (via the REST API)
  • CSV
  • PDF

Note that CSV and PDF exports may not be available for every scan.

False positive handling

BLACKBIRD employs multiple validation mechanisms to minimize false positives:

Browser Validation

For client-side vulnerabilities such as XSS, BLACKBIRD loads the affected page in a headless web browser and confirms the finding there. Because the result is confirmed in a real browser engine instead of inferred from the raw HTTP response, false positives for this class are kept close to zero.

Out-of-Band Validation

For Out-of-Band (OOB) validation, BLACKBIRD uses your private OAST (Out-of-Band Application Security Testing) server. Each reported vulnerability that was discovered through OAST (SSRF, blind SQL injection, blind OS command injection, blind XSS, and so on) contains a reference to the interaction, which you can look up in your OAST server's logs.
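To make the OOB mechanism concrete, the following is an added example (not BLACKBIRD's own code) of how an out-of-band finding is tied back to an OAST interaction: each injection point gets an unguessable token, the token is embedded in the callback name of the payload, and a logged interaction carrying that token is then direct evidence that the target processed the payload. The OAST domain, the one-interaction-per-line log format and the log lines themselves are constructed assumptions for this example; your OAST server's log format will differ.

```python
"""
Added example, not BLACKBIRD's own code: correlate OOB payloads with the
interactions an OAST server logged.

Assumptions (hypothetical): the private OAST server answers for OAST_DOMAIN
and logs one interaction per line as
    <timestamp> <DNS|HTTP> <source-ip> <queried-name-or-url>
The log lines used below are constructed for the example.
"""
from __future__ import annotations

import re
import secrets
from dataclasses import dataclass

OAST_DOMAIN = "oast.example"  # hypothetical private OAST server domain


@dataclass(frozen=True)
class InjectionPoint:
    url: str
    parameter: str
    vuln_class: str  # "ssrf", "os-cmdi" or "blind-xss" in this example


def make_token() -> str:
    # 16 random hex characters: an unguessable label, so a callback carrying it
    # cannot be a coincidence or a scanner from somewhere else.
    return secrets.token_hex(8)


def build_payload(point: InjectionPoint, token: str) -> str:
    """Return an OOB payload whose callback hostname embeds the token."""
    callback = f"{token}.{OAST_DOMAIN}"
    if point.vuln_class == "ssrf":
        return f"http://{callback}/"
    if point.vuln_class == "os-cmdi":
        return f";nslookup {callback}"
    if point.vuln_class == "blind-xss":
        return f'"><script src="//{callback}/x.js"></script>'
    raise ValueError(f"no OOB payload for {point.vuln_class}")


LOG_LINE = re.compile(r"^(?P<ts>\S+)\s+(?P<proto>DNS|HTTP)\s+(?P<src>\S+)\s+(?P<name>\S+)$")
# The token is the label directly in front of the OAST domain.
TOKEN_IN_NAME = re.compile(rf"(?<![0-9a-f])([0-9a-f]{{16}})\.{re.escape(OAST_DOMAIN)}")


def parse_interactions(log_text: str) -> list[dict]:
    """Parse the constructed log format into one dict per interaction."""
    events = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events


def correlate(points_by_token: dict[str, InjectionPoint], events: list[dict]) -> dict[str, list[dict]]:
    """Map each token that actually called back to the interactions carrying it."""
    hits: dict[str, list[dict]] = {}
    for ev in events:
        m = TOKEN_IN_NAME.search(ev["name"].lower())
        if m and m.group(1) in points_by_token:  # unknown tokens are noise, not findings
            hits.setdefault(m.group(1), []).append(ev)
    return hits


def run_example() -> list[dict]:
    """Three injection points; only two of them ever call back."""
    points = [
        InjectionPoint("https://target.example/fetch", "url", "ssrf"),
        InjectionPoint("https://target.example/ping", "host", "os-cmdi"),
        InjectionPoint("https://target.example/search", "q", "blind-xss"),
    ]
    points_by_token = {make_token(): p for p in points}
    tokens = list(points_by_token)
    payloads = {t: build_payload(p, t) for t, p in points_by_token.items()}
    # Constructed OAST log: the SSRF sink resolved and fetched the callback, the
    # ping handler only resolved it, the search parameter never called back, and
    # an unrelated lookup with a token we never issued shows up as noise.
    log_text = "\n".join([
        f"2024-05-01T10:00:01Z DNS 203.0.113.7 {tokens[0]}.{OAST_DOMAIN}.",
        f"2024-05-01T10:00:01Z HTTP 203.0.113.7 http://{tokens[0]}.{OAST_DOMAIN}/",
        f"2024-05-01T10:00:05Z DNS 203.0.113.7 {tokens[1]}.{OAST_DOMAIN}.",
        f"2024-05-01T10:00:09Z DNS 198.51.100.2 deadbeef00000000.{OAST_DOMAIN}.",
    ])
    hits = correlate(points_by_token, parse_interactions(log_text))
    findings = []
    for token, events in hits.items():
        p = points_by_token[token]
        findings.append({
            "vuln_class": p.vuln_class, "url": p.url, "parameter": p.parameter,
            "payload": payloads[token],
            # what a report would point you at in the OAST server logs
            "oast_reference": [f'{e["ts"]} {e["proto"]} from {e["src"]}' for e in events],
        })
    return findings


if __name__ == "__main__":
    for f in run_example():
        print(f["vuln_class"], f["url"], f["parameter"], f["oast_reference"])
```

The point of the per-injection-point token is that the correlation works in the other direction too: when you audit a report, the referenced interaction must carry exactly the token that was sent to that URL and parameter, and an interaction with a token you never issued is noise rather than a finding.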

Response Validation

For vulnerability types that can only be detected by examining the server's HTTP response, BLACKBIRD applies strictly defined patterns (evidence that must be present) and anti-patterns (evidence that disqualifies a match) as secondary validation rules. Together these keep false positives low for this class of findings.
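As an added illustration of what such a rule looks like (example code, not BLACKBIRD's own rules or engine), the block below validates a response against a pattern set, an anti-pattern set, and a baseline comparison: a match that also occurs in the same request without the payload is not evidence of anything. The rules and the response bodies are constructed for the example and are deliberately small; a production rule set would be far broader.

```python
"""
Added example, not BLACKBIRD's own code: pattern / anti-pattern validation
over an HTTP response body, with a baseline (no-payload) comparison.
Rules and response bodies below are constructed for the example.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

BLOCK_PAGE = re.compile(r"<title>\s*(403 Forbidden|Access Denied|Request blocked)", re.I)


@dataclass(frozen=True)
class ResponseRule:
    name: str
    patterns: tuple[re.Pattern, ...]       # evidence that the vulnerability fired
    anti_patterns: tuple[re.Pattern, ...]  # evidence that a match is not real


RULES: dict[str, ResponseRule] = {
    "lfi-etc-passwd": ResponseRule(
        "lfi-etc-passwd",
        patterns=(
            re.compile(r"^root:[x*!]?:0:0:", re.M),
            re.compile(r"^(daemon|bin|nobody):[x*!]?:\d+:\d+:", re.M),
        ),
        anti_patterns=(
            # The include was attempted but nothing was disclosed.
            re.compile(r"failed to open stream|No such file or directory", re.I),
            BLOCK_PAGE,
        ),
    ),
    "sqli-mysql-error": ResponseRule(
        "sqli-mysql-error",
        patterns=(
            re.compile(r"You have an error in your SQL syntax"),
            re.compile(r"Warning: mysqli?_[a-z_]+\(\)"),
        ),
        anti_patterns=(BLOCK_PAGE,),
    ),
}


def validate(rule: ResponseRule, body: str, baseline: str) -> tuple[bool, str]:
    """Return (confirmed, reason). `baseline` is the same request sent without the payload."""
    for ap in rule.anti_patterns:
        if ap.search(body):
            return False, f"anti-pattern matched: {ap.pattern!r}"
    matches = [m.group(0) for p in rule.patterns for m in [p.search(body)] if m]
    if not matches:
        return False, "no pattern matched"
    # Evidence that the page shows anyway is not caused by the payload.
    new_evidence = [m for m in matches if m not in baseline]
    if not new_evidence:
        return False, "evidence also present in baseline response"
    return True, f"new evidence: {new_evidence[0]!r}"


# Constructed (rule, response with payload, response without payload) cases.
CASES: dict[str, tuple[str, str, str]] = {
    "lfi-real": (
        "lfi-etc-passwd",
        "<pre>\nroot:x:0:0:root:/root:/bin/bash\ndaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n</pre>",
        "<pre>\nWelcome to the file viewer\n</pre>",
    ),
    "lfi-include-failed": (
        "lfi-etc-passwd",
        "<b>Warning</b>: include(../../../etc/passwd): failed to open stream: No such file or directory",
        "<pre>\nWelcome to the file viewer\n</pre>",
    ),
    "sqli-real": (
        "sqli-mysql-error",
        "<b>Warning</b>: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result. "
        "You have an error in your SQL syntax; check the manual",
        "<ul><li>Widget 1</li></ul>",
    ),
    "sqli-docs-page": (
        "sqli-mysql-error",
        "<h1>Troubleshooting</h1><p>If you see 'You have an error in your SQL syntax', check quoting.</p>",
        "<h1>Troubleshooting</h1><p>If you see 'You have an error in your SQL syntax', check quoting.</p>",
    ),
    "waf-block": (
        "sqli-mysql-error",
        "<html><head><title>403 Forbidden</title></head><body>Request blocked</body></html>",
        "<ul><li>Widget 1</li></ul>",
    ),
}


def run_example() -> dict[str, tuple[bool, str]]:
    return {name: validate(RULES[rule], body, base) for name, (rule, body, base) in CASES.items()}


if __name__ == "__main__":
    for name, (ok, why) in run_example().items():
        print(f"{name:20s} {'CONFIRMED' if ok else 'rejected '} {why}")
```

Only the two cases in which the payload produced evidence that the baseline page does not show survive; a PHP include warning, a documentation page that quotes the MySQL error text, and a WAF block page are all rejected, each with the reason recorded so the rejection can be reviewed later.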

Technical limitations

The following limits are in place to keep output quality high:

  • A maximum of 10 targets (base URIs or root domains) is allowed per scan. To scan more targets, launch an additional scan.
  • A scan times out after a maximum of 24 hours. Results gathered before the timeout are still imported.
  • BLACKBIRD currently only parses and tests HTTP requests with the following content types: application/json, application/xml, application/x-www-form-urlencoded and multipart/form-data. Requests with other content types are not tested.
