A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000+ malicious cryptocurrency mining domains (cryptojacking).
Summary
Minesweeper will passively scan in-scope items looking for matches against more than 23000+ known cryptojacking domains within the source of pages. When discovered, an alert similar to the following will be raised:
Manually Updating Sources
As this is the first build of Minesweeper lists are currently built based on CoinBlockerLists. As the project matures more sources will be added, as well as direct code checks. Since CoinBlockerLists updates quite frequently code is included to allow you to manually update your source list from the CoinBlockerLists github project.
If you don’t wish to wait for the next build of the plugin and want to update your own sources you can use the following in the root of your cloned project:
$ ./lib/update_sources.py
This should produce an output similar to the following on a successful update:
