This is the first public release of GUIDScannerExtension for Burp Suite. Compatible with Burp Suite Pro. Use this extension to find insecure UUID usage in session tokens, API paths, and more.
Built and maintained by @richeeta
Features:
- Detects all UUID versions (v1–v5) in HTTP traffic
- Identifies timestamp-based, MAC-based, and reversible UUIDs
- Includes support for Base64/URL-encoded tokens
- Highlights security concerns like predictability, MAC leakage, and poor RNG
- Adds a configurable GUI tab in Burp for tuning detection settings
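
What the timestamp-based and MAC-based findings in the list above refer to, as an added Python example (not the extension's own code): a version 1 UUID carries its creation time and node ID in fixed fields, and both can be read back from the value. The function names, the 22-character base64url heuristic and the sample traffic are assumptions made for this illustration.

```python
import base64, binascii, re, uuid
from datetime import datetime, timedelta, timezone

UUID_RE = re.compile(r"[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}")
# Assumption: a raw 16-byte UUID in base64url is a 22-char run (padding optional)
B64_RE = re.compile(r"(?<![\w-])[\w-]{22}(?:==)?(?![\w-])", re.ASCII)
GREGORIAN = datetime(1582, 10, 15, tzinfo=timezone.utc)  # v1 timestamp epoch

def describe(u, encoding="hex"):
    """Return a finding dict for one UUID; v1 time and node fields are decoded."""
    finding = {"uuid": str(u), "version": u.version, "encoding": encoding, "issues": []}
    if u.version == 1:
        # u.time is a 60-bit count of 100 ns ticks since 1582-10-15
        finding["created"] = GREGORIAN + timedelta(microseconds=u.time // 10)
        finding["node"] = ":".join(f"{b:02x}" for b in u.node.to_bytes(6, "big"))
        finding["issues"].append("timestamp-based: creation time is recoverable")
        # Multicast bit clear: the node is probably a real interface MAC
        if not (u.node >> 40) & 1:
            finding["issues"].append("node looks like a hardware MAC address")
    elif u.version in (3, 5):
        finding["issues"].append("name-based: deterministic for a known name")
    return finding

def scan(text):
    """Find hex-form UUIDs, then 22-char base64url runs that decode to a UUID."""
    findings = [describe(uuid.UUID(m)) for m in UUID_RE.findall(text)]
    for m in B64_RE.findall(text):
        try:
            raw = base64.urlsafe_b64decode(m[:22] + "==")
        except (binascii.Error, ValueError):
            continue
        u = uuid.UUID(bytes=raw)
        if u.variant == uuid.RFC_4122 and u.version in range(1, 6):
            findings.append(describe(u, "base64url"))
    return findings

# Constructed sample traffic. V1 is the public RFC 4122 DNS namespace UUID.
V1 = "6ba7b810-9dad-11d1-80b4-00c04fd430c8"
SAMPLE = ("GET /api/users/3f2b8c1e-5d4a-4e7b-9a6c-1f0e2d3c4b5a HTTP/1.1\r\n"
          f"Cookie: session={V1}; t="
          + base64.urlsafe_b64encode(uuid.UUID(V1).bytes).decode().rstrip("=") + "\r\n")

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f)
```

The version 4 value in the path produces a finding with no issues, because the quality of a random generator cannot be judged from a single UUID.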