Switch to the Burp Extender tab. Go to the BApp Store and find two plugins—Retire.js and Software Vulnerability Scanner. Click the Install button for each plugin, as follows:
After installing the two plugins, go to the Extender tab, then Extensions, and then the Burp Extensions section. Make sure both plugins are enabled with check marks inside the check boxes. Also, notice the Software Vulnerability Scanner has a new tab, as follows:
Return to the Firefox browser and browse to the Mutillidae homepage. Perform a lightweight, less-invasive passive scan by right-clicking and selecting Passively scan this branch, as follows:
Note the additional findings created from the two plugins. The Vulners plugin, which is the Software Vulnerability Scanner, found numerous CVE issues, and Retire.js identified five instances of a vulnerable version of jQuery, as follows:
