Burp Extensions

Overview

Burp Extensions

This is a collection of extensions to Burp Suite that I have written.

getAllParams.py - Version 1.2

This is a python extension that runs in Portswigger's Burp Suite and parses an already crawled sitemap to build a custom parameter list. It also adds common parameter names that could be useful in the final list used for fuzzing.

Although it has a different function, the code was based on the why-cewler.py extension by Ianmaster53 (https://gist.github.com/lanmaster53/a0d3523279f3d1efdfe6d9dfc4da0d4a) just as a base template.

Usage:

  1. Point Burp Suite to Jython in the Extender > Options tab.
  2. Install this extension manually in the Extender > Extensions tab.
  3. Change any options on the "Get All Params" tab.
  4. Right-click on any element in the Target tab's hierarchical sitemap.
  5. Select the Extensions > Get All Params context menu item.
  6. Go to the "Get All Params" tab to see the results.

If the option to save output to a file is selected then a file of all paramaters will be created in the users home directory (or Documents for Windows) with the name "{TARGET}_getAllParams.txt" The extension Output tab will show a combined string of all parameters and a test value (default of of XNLV? - where ? is a unique number) This string can be used in requests and then Burp history searched for any relection of XNLV

REQUEST PARAMETERS: The following types of paramters with in the Burp IParamater interface can be retunred (depending on selected options):

  • PARAM_URL (0) - Used to indicate a parameter within the URL query string.
  • PARAM_BODY (1) - Used to indicate a parameter within the message body.
  • PARAM_COOKIE (2) - Used to indicate an HTTP cookie.
  • PARAM_XML (3) - Used to indicate an item of data within an XML structure.
  • PARAM_XML_ATTR (4) - Used to indicate the value of a tag attribute within an XML structure.
  • PARAM_MULTIPART_ATTR (5) - Used to indicate the value of a parameter attribute within a multi-part message body (such as the name of an uploaded file).
  • PARAM_JSON (6) - Used to indicate an item of data within a JSON structure.

RESPONSE PARAMETERS:

  • JSON parameters (Thanks to contribution by Pichik)
  • XML paramaters (Thanks to contribution by Pichik)
  • Words from URL paths, if you are using this to generate a wordlist (Thanks to contribution by Pichik)
  • Name and Id attribute from HTML Input fields
  • Javascript variables and constants in ALL types of reponses (JS vars could be in the html, script and even JSON response within a .js.map file)
  • Meta tag Name attribute
You might also like...
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions
MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions (pdf, doc, docx, etc), and downloads them.

A Burp Pro extension that adds log4shell checks to Burp Scanner

scan4log4shell A Burp Pro extension that adds log4shell checks to Burp Scanner, written by Daniel Crowley of IBM X-Force Red. Installation To install

Nuclei - Burp Extension allows to run nuclei scanner directly from burp and transforms json results into the issues
Nuclei - Burp Extension allows to run nuclei scanner directly from burp and transforms json results into the issues

Nuclei - Burp Extension Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues. Installatio

Burp Extensions

Burp Extensions This is a collection of extensions to Burp Suite that I have written. getAllParams.py - Version 1.2 This is a python extension that ru

DRF-extensions is a collection of custom extensions for Django REST Framework

Django REST Framework extensions DRF-extensions is a collection of custom extensions for Django REST Framework Full documentation for project is avail

A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.
A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.

BurpParamFlagger A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF

Burp Extension that copies a request and builds a FFUF skeleton
Burp Extension that copies a request and builds a FFUF skeleton

ffuf is gaining a lot of traction within the infosec community as a fast portable web fuzzer. It has been compared and aligned (kinda) to Burp's Intruder functionality. Thus, Copy As FFUF is trying to build that interoperatability bridge between the two.

xp_CAPTCHA(白嫖版) burp 验证码 识别 burp插件
xp_CAPTCHA(白嫖版) burp 验证码 识别 burp插件

xp_CAPTCHA(白嫖版) 说明 xp_CAPTCHA (白嫖版) 验证码识别 burp插件 安装 需要python3 小于3.7的版本 安装 muggle_ocr 模块(大概400M左右) python3 -m pip install -i http://mirrors.aliyun.com/

Python script to launch burp scans automatically

SimpleAutoBurp Python script that takes a config.json file as config and uses Burp Suite Pro to scan a list of websites.

Burp Suite extension to log GraphQL operations as a comment
Burp Suite extension to log GraphQL operations as a comment

Burp GraphQL Logger A very simple, straightforward extension that logs GraphQL operations as a comment in the Proxy view. To enable the highlight, unc

Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links.
Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links.

Broken Link Finder Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links. Inspired by InitRoot's link

Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator
Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator

Malicious PDF Generator ☠️ Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator. Used for pene

Burp Suite extension for encoding/decoding EVM calldata

unblocker Burp Suite extension for encoding/decoding EVM calldata 0x00_prerequisites Burp Suite Java 8+ Python 2.7 0x01_installation clone this reposi

A simple Burp Suite extension to extract datas from source code
A simple Burp Suite extension to extract datas from source code

DataExtractor A simple Burp Suite extension to extract datas from source code. Features in scope parsing file extensions to ignore files exclusion bas

A burp-suite plugin that extract all parameter names from in-scope requests

ParamsExtractor A burp-suite plugin that extract all parameters name from in-scope requests. You can run the plugin while you are working on the targe

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

About Hive Burp Suite Extension
About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

Comments
  • UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 32-35: invalid data

    UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 32-35: invalid data

    I am getting this error while trying to install. I'm using Windows 10.

    Traceback (most recent call last):
      File "<string>", line 1, in <module>
    UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 32-35: invalid data
    
    	at org.python.core.codecs.strict_errors(codecs.java:204)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    	at org.python.core.JavaFunc.__call__(Py.java:2912)
    	at org.python.core.PyObject.__call__(PyObject.java:433)
    	at org.python.core.codecs.decoding_error(codecs.java:1603)
    	at org.python.core.codecs.insertReplacementAndGetResume(codecs.java:1572)
    	at org.python.core.codecs.PyUnicode_DecodeUTF8Stateful(codecs.java:1104)
    	at org.python.core.codecs.PyUnicode_DecodeUTF8(codecs.java:1021)
    	at org.python.core.Py.fileSystemDecode(Py.java:722)
    	at org.python.core.Py.fileSystemDecode(Py.java:735)
    	at org.python.modules.posix.PosixModule.asPath(PosixModule.java:1306)
    	at org.python.modules.posix.PosixModule.absolutePath(PosixModule.java:1317)
    	at org.python.modules.posix.PosixModule.chdir(PosixModule.java:300)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    	at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:190)
    	at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:208)
    	at org.python.core.PyObject.__call__(PyObject.java:461)
    	at org.python.core.PyObject.__call__(PyObject.java:465)
    	at org.python.pycode._pyx2.f$0(<string>:1)
    	at org.python.pycode._pyx2.call_function(<string>)
    	at org.python.core.PyTableCode.call(PyTableCode.java:173)
    	at org.python.core.PyCode.call(PyCode.java:18)
    	at org.python.core.Py.runCode(Py.java:1703)
    	at org.python.core.Py.exec(Py.java:1747)
    	at org.python.util.PythonInterpreter.exec(PythonInterpreter.java:268)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    	at burp.u7m.l(Unknown Source)
    	at burp.dp8.I(Unknown Source)
    	at burp.bsl.e(Unknown Source)
    	at burp.rm2.lambda$panelLoaded$0(Unknown Source)
    	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
    	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
    	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
    	at java.base/java.lang.Thread.run(Thread.java:833)
    
    
    opened by KarahanGuner 10
  • AttributeError(

    AttributeError("'NoneType' object has no attribute 'toString'",)

    Hey there,

    I love your tool! It has certainly helped me out countless times with my bounty hunting, so thank you!

    I recently noticed this error starting to occur, and only on some burp files...see attachment.

    Screenshot 2022-11-25 at 5 10 28 PM

    Let me know your thoughts!

    opened by mattzamat 10
  • [Feature request] Add parameters from burp history

    [Feature request] Add parameters from burp history

    Hy can you add a feature to add all parameters from proxy history, So after understanding target I start this externsion and I click on "get all params" and it comes. Like paramalyzer but they has no feature to copy all those parameters

    opened by iamRjarpan 1
  • Attribute error

    Attribute error

    Using burp version 2022.12.5 tried previous versions also This is the error I'm getting

    "doEverything 1 AttributeError("'NoneType' object has no attribute 'toString'",)"

    After sending target to GAP

    opened by Spideynati 5
Releases(1.9)
Owner
/XNL-h4ck3r
/XNL-h4ck3r
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3

Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR

Pushpender Singh 9 Dec 12, 2022
IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

CVE-2021-24086 This is a proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability "), a NULL dereference in tcpip.sys patc

Carry 1 Nov 25, 2021
Dark-Fb No Login 100% safe

Dark-Fb No Login 100% safe TERMUX • pkg install python2 && git -y • pip2 install requests mechanize tqdm • git clone https://github.com/BOT-033/Sensei

Bukan Hamkel 1 Dec 04, 2021
an impacket-dependent script exploiting CVE-2019-1040

dcpwn an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.

QAX A-Team 71 Nov 30, 2022
Password List Creator Simple !

Password List Creator Simple !

MR.D3F417 4 Jan 27, 2022
Show apps recorded storage files by jailbreak

0x101 Show registered storage files of apps by jailbreak Legal disclaimer: Usage of insTof for attacking targets without prior mutual consent is illeg

0x 4 Oct 24, 2022
Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems

KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for

Black Lantern Security 35 Oct 25, 2022
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

HakCat 62 Jan 08, 2023
DoSer.py - Simple DoSer in Python

DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this

1 Oct 12, 2021
An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic lights, Refridgerators, Smart TVs etc.

An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic

Richard Mwewa 48 Nov 20, 2022
Hadoop Yan RPC unauthorized RCE

Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera

Al1ex 25 Nov 24, 2022
LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

Mathias Hall-Andersen 4 Dec 14, 2021
A blind SQL injection script that uses binary search aka bisection method to dump datas from database.

Blind SQL Injection I wrote this script to solve PortSwigger Web Security Academy's particular Blind SQL injection with conditional responses lab. Bec

Şefik Efe 2 Oct 29, 2022
PasswordManager is a command-line program that helps you manage your secret files like passwords

PasswordManager is a command-line program that helps you manage your secret files like passwords. It's very minimalistic and easy to use.

Michael 3 Dec 30, 2021
Community Repository for Unofficial Saltbox Add-ons

Saltbox Sandbox Repo Community Repository for Unofficial Saltbox Add-ons Requirements Saltbox Documentation Undetermined Roles List of roles can be fo

Salty Organization 31 Dec 19, 2022
Getting my gitlab commit history into github

🔰 ᵀᴱᴸᴱᴳᴿᴬᴹ ᴴᴬᶜᴷ ᴮᴼᵀ 🔰 The owner would not be responsible for any kind of bans due to the bot. • ⚡ INSTALLING ⚡ • • 🛠️ Lᴀɴɢᴜᴀɢᴇs Aɴᴅ Tᴏᴏʟs 🔰 • If

Santiago Chiesa 1 Dec 24, 2021
JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

105 Dec 05, 2022
Detection tool of malware(s) by checksum (useful for forensic)

🐍 malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) 📦 Dependencies installation $ pip3 install -r requirements.txt

Fayred 1 Jan 30, 2022
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin

Chris Partridge 105 Nov 26, 2022
Website OSINT untuk mencari informasi dari email dan nomor telepon. Dibuat dengan React dan Flask.

Inspektur Cari informasi mengenai email dan nomor telepon dengan mudah. Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasark

Bagas Wastu 36 Dec 04, 2022