
Connectivity Graph with Neo4j #18

@parsiya


From Hamid on Twitter: https://x.com/hkashfi/status/1909056959707234315

> Here’s some random idea: do it in Neo4j, store all endpoints, params and paths and then crawl different subdomains of a scope. Then, cluster results and by graph queries one can spot potential connections, shared backends, APIs, etc. and try vulns across hosts/systems.

That is a great idea. Adding some things to do here:

Neo4j can be done here inside Burp, too, because Java.

Some ideas for the graph:

Which pages hit the same backend

  1. We know which page calls which endpoint through the `Referer` header.
  2. Create a list of all pages that hit the same backend.
  3. We now know which pages hit the same backend.

Add more as I think about it.
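
The "which pages hit the same backend" steps above, as an added example that is not code from this issue or from the extension: it groups proxied requests by backend host using the `Referer` header and prints a parameterized Cypher statement for loading the result into Neo4j. The `Hit` record, the `Page`/`Backend` labels, the `CALLS` relationship and the `example.test` hosts are all assumptions made for illustration.

```java
import java.net.URI;
import java.util.*;

public class BackendGraph {
    // One proxied request: requested URL plus its Referer value (null if absent). Hypothetical type.
    record Hit(String url, String referer) {}

    // Hypothetical graph schema; values are passed as parameters, never concatenated.
    static final String CYPHER =
        "MERGE (p:Page {url: $page}) MERGE (b:Backend {host: $host}) MERGE (p)-[:CALLS]->(b)";

    // Page identity is scheme://authority/path of the Referer; query and fragment are dropped.
    static String page(String referer) {
        URI u = URI.create(referer);
        String path = (u.getPath() == null || u.getPath().isEmpty()) ? "/" : u.getPath();
        return u.getScheme() + "://" + u.getAuthority() + path;
    }

    // Backend host -> pages that called it. Hits that cannot be attributed are skipped.
    static Map<String, Set<String>> pagesByBackend(List<Hit> hits) {
        Map<String, Set<String>> out = new TreeMap<>();
        for (Hit h : hits) {
            if (h.referer() == null || h.referer().isBlank()) continue; // no Referer sent
            try {
                String backend = URI.create(h.url()).getHost();
                if (backend == null) continue;                          // not an absolute URL
                out.computeIfAbsent(backend, k -> new TreeSet<>()).add(page(h.referer()));
            } catch (IllegalArgumentException e) {
                // Malformed URL or header value in captured traffic: ignore this hit.
            }
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample traffic, not taken from a real scope.
        List<Hit> hits = List.of(
            new Hit("https://api.example.test/v1/user?id=1", "https://app.example.test/profile?tab=a"),
            new Hit("https://api.example.test/v1/user", "https://app.example.test/profile#x"),
            new Hit("https://api.example.test/v1/orders", "https://shop.example.test/"), // origin only
            new Hit("https://cdn.example.test/logo.png", null));
        System.out.println(CYPHER);
        pagesByBackend(hits).forEach((host, pages) -> {
            System.out.println(host + " is called by " + pages);
            for (String p : pages) System.out.println("  params: page=" + p + ", host=" + host);
        });
    }
}
```

Under the browser default `Referrer-Policy: strict-origin-when-cross-origin`, cross-origin requests carry only the origin in `Referer`, so for a backend on another host the "page" often resolves to the site root, as in the third sample hit.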

Labels: enhancement (New feature or request)
