Burp Extension that copies a request and builds a FFUF skeleton

Related tags

Networkingburp-copy-as-ffuf
Overview

Burp Extension: Copy As FFUF

Description

ffuf (https://github.com/ffuf/ffuf) is gaining a lot of traction within the infosec community as a fast portable web fuzzer. It has been compared and aligned (kinda) to Burp's Intruder functionality. Thus, Copy As FFUF is trying to build that interoperatability bridge between the two.

Features

  • Piping the copied request to a request.http file and build a skeleton ffuf command

TODO

  • Extend the functionality with additional right-click menu items, like:

    • Create a Copy as FFUF submenu
    • Copy request and use Burp proxy for verification Copy as FFUF skeleton, verify via Burp"
    • Copy request and use Burp proxy for the attack Copy as FFUF skeleton, proxy via Burp"

  • Maybe add a simple UI allowing to configure a path to wordlists

Requirements

  • Python environment / Jython for Burp Suite

Installation

  • Check if jython standalone is present in Extender -> Options -> Python Environment
  • Load the extention Extender -> Extensions -> Add -> select path to CopyAsFFUF.py

Hopefully at some point PortSwigger with make it available in the bApp store

Known Issue

TODO

Author

  • d3k4z

Credits

Owner
Desmond Miles
Desmond Miles
GitHub Repository
A TrueCharts automatic and bulk update utility

trueupdate A TrueCharts automatic and bulk update utility How to install run pip install trueupdate Please be aware you will need to reinstall after e

TrueCharts 125 Jan 04, 2023
Fast and configurable script to get and check free HTTP, SOCKS4 and SOCKS5 proxy lists from different sources and save them to files

Fast and configurable script to get and check free HTTP, SOCKS4 and SOCKS5 proxy lists from different sources and save them to files. It can also get geolocation for each proxy and check if proxies a

Almaz 385 Dec 31, 2022
boofuzz: Network Protocol Fuzzing for Humans

boofuzz: Network Protocol Fuzzing for Humans Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fi

Joshua Pereyda 1.7k Dec 31, 2022
Very simple FTP client, sync folder to FTP server, use python, opensource

ftp-sync-python Opensource, A way to safe your data, avoid lost data by Virus, Randsomware Some functions: Upload a folder automatically to FTP server

4 Sep 13, 2022
Wifi-Jamming is a simple, yet highly effective method of causing a DoS on a wireless implemented using python pyqt5.

pyqt5-linux-wifi-jamming-tool Linux-Wifi-Jamming is a simple GUI tool, yet highly effective method of causing a DoS on a wireless implemented using py

lafesa 8 Dec 05, 2022
InfraGenie is allows you to split out your infrastructure project into separate independent pieces, each with its own terraform state.

🧞 InfraGenie InfraGenie is allows you to split out your infrastructure project into separate independent pieces, each with its own terraform state. T

Digger 53 Nov 23, 2022
Build custom OSINT tools and APIs (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whois, Metadata & built-in database for more info) with this python package

Build custom OSINT tools and APIs with this python package - It includes different OSINT modules (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whoi

QeeqBox 52 Jan 06, 2023
This tool will scans your wi-fi/wlan and show you the connected clients

This tool will scans your wi-fi/wlan and show you the connected clients

VENKAT SAI SAGAR 3 Mar 24, 2022
Tiny Interactive File Transfer Application

TIFTA: Tiny Interactive File Transfer Application This repository holds all the source code, tests and documentation of the TIFTA software. The main g

Jorge Martínez 2 Dec 08, 2021
This program ingests a Cisco "sh ip arp" as a text file and produces the list of vendors seen in the file

IP-ARP-Vendor_lookup This program ingests a Cisco "sh ip arp" as a text file and produces the list of vendors seen in the file Why? Answers the questi

Stew Alexander 1 Dec 24, 2022
Ctech Didik Auto Script VPN 👨🏻‍💻Youtube: Ctech Didik

CTech Didik Auto Script VPN SUPPORT OPERATING SYSTEM Debian GNU/Linux 11 (Bullseye) Debian GNU/Linux 10 (Buster) Debian GNU/Linux 9 (Stretch) Ubuntu S

Ctech Didik 27 Dec 20, 2022
DataShare - Simple library for data sharing between scripts and public functions calling

DataShare - Simple library for data sharing between scripts and public functions calling. Installation. Install code, Delete LICENSE, README, readme.t

Ivan Perzhinsky. 1 Dec 17, 2021
Tool written on Python that locate all up host on your subnet

HOSTSCAN Easy to use command line network host scanner. From noob to noobs. Dependencies Nmap 7.92 or superior Python 3.9 or superior All requirements

NexCreep 4 Feb 27, 2022
No-dependency, single file NNTP server library for developing modern, rfc3977-compliant (bridge) NNTP servers.

nntpserver.py No-dependency, single file NNTP server library for developing modern, rfc3977-compliant (bridge) NNTP servers for python =3.7. Develope

Manos Pitsidianakis 44 Nov 14, 2022
track IP Address

ipX Table of Contents ipX Welcome Features Uses Author 📝 License Welcome find the location of an IP address. Specifically, you can get the following

Ali Shahid 15 Sep 26, 2022
Minimal, self-hosted, 0-config alternative to ngrok. Caddy+OpenSSH+50 lines of Python.

If you have a webserver running on one computer (say your development laptop), and you want to expose it securely (ie HTTPS) via a public URL, SirTunnel allows you to easily do that.

Anders Pitman 423 Jan 02, 2023
A script for generating WireGuard configs from Surfshark VPN

Surfshark WireGuard A script for generating WireGuard configs from Surfshark VPN. You must have python3 available on your machine. Usage Currently we

Alireza Ahmand 58 Dec 23, 2022
Typhon is a macOS specific payload aimed at targetting Jamf managed devices.

Typhon is a macOS specific payload aimed at targetting Jamf managed devices. This payload can be used to manipulate macOS devices into communicating with a Mythic instance, which acts as a Jamf serve

Mythic Agents 29 Dec 23, 2022
Lightweight asyncio compatible utilities for consuming broker messages.

A simple asyncio compatible consumer for handling amqp messages.

Mehdi Kamani 3 Apr 10, 2022
Automatically block traffic on Cloudflare's side based on Nginx Log parsing.

AutoRL This is a PoC of automatically block traffic on Cloudflare's side based on Nginx Log parsing. It will evaluate Nginx access.log and find potent

Nova Kwok 62 Dec 28, 2022