Burp Extensions

Overview

Burp Extensions

This is a collection of extensions to Burp Suite that I have written.

getAllParams.py - Version 1.2

This is a python extension that runs in Portswigger's Burp Suite and parses an already crawled sitemap to build a custom parameter list. It also adds common parameter names that could be useful in the final list used for fuzzing.

Although it has a different function, the code was based on the why-cewler.py extension by Ianmaster53 (https://gist.github.com/lanmaster53/a0d3523279f3d1efdfe6d9dfc4da0d4a) just as a base template.

Usage:

  1. Point Burp Suite to Jython in the Extender > Options tab.
  2. Install this extension manually in the Extender > Extensions tab.
  3. Change any options on the "Get All Params" tab.
  4. Right-click on any element in the Target tab's hierarchical sitemap.
  5. Select the Extensions > Get All Params context menu item.
  6. Go to the "Get All Params" tab to see the results.

If the option to save output to a file is selected then a file of all paramaters will be created in the users home directory (or Documents for Windows) with the name "{TARGET}_getAllParams.txt" The extension Output tab will show a combined string of all parameters and a test value (default of of XNLV? - where ? is a unique number) This string can be used in requests and then Burp history searched for any relection of XNLV

REQUEST PARAMETERS: The following types of paramters with in the Burp IParamater interface can be retunred (depending on selected options):

  • PARAM_URL (0) - Used to indicate a parameter within the URL query string.
  • PARAM_BODY (1) - Used to indicate a parameter within the message body.
  • PARAM_COOKIE (2) - Used to indicate an HTTP cookie.
  • PARAM_XML (3) - Used to indicate an item of data within an XML structure.
  • PARAM_XML_ATTR (4) - Used to indicate the value of a tag attribute within an XML structure.
  • PARAM_MULTIPART_ATTR (5) - Used to indicate the value of a parameter attribute within a multi-part message body (such as the name of an uploaded file).
  • PARAM_JSON (6) - Used to indicate an item of data within a JSON structure.

RESPONSE PARAMETERS:

  • JSON parameters (Thanks to contribution by Pichik)
  • XML paramaters (Thanks to contribution by Pichik)
  • Words from URL paths, if you are using this to generate a wordlist (Thanks to contribution by Pichik)
  • Name and Id attribute from HTML Input fields
  • Javascript variables and constants in ALL types of reponses (JS vars could be in the html, script and even JSON response within a .js.map file)
  • Meta tag Name attribute
You might also like...
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions
MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions (pdf, doc, docx, etc), and downloads them.

A Burp Pro extension that adds log4shell checks to Burp Scanner

scan4log4shell A Burp Pro extension that adds log4shell checks to Burp Scanner, written by Daniel Crowley of IBM X-Force Red. Installation To install

Nuclei - Burp Extension allows to run nuclei scanner directly from burp and transforms json results into the issues
Nuclei - Burp Extension allows to run nuclei scanner directly from burp and transforms json results into the issues

Nuclei - Burp Extension Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues. Installatio

Burp Extensions

Burp Extensions This is a collection of extensions to Burp Suite that I have written. getAllParams.py - Version 1.2 This is a python extension that ru

DRF-extensions is a collection of custom extensions for Django REST Framework

Django REST Framework extensions DRF-extensions is a collection of custom extensions for Django REST Framework Full documentation for project is avail

A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.
A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.

BurpParamFlagger A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF

Burp Extension that copies a request and builds a FFUF skeleton
Burp Extension that copies a request and builds a FFUF skeleton

ffuf is gaining a lot of traction within the infosec community as a fast portable web fuzzer. It has been compared and aligned (kinda) to Burp's Intruder functionality. Thus, Copy As FFUF is trying to build that interoperatability bridge between the two.

xp_CAPTCHA(白嫖版) burp 验证码 识别 burp插件
xp_CAPTCHA(白嫖版) burp 验证码 识别 burp插件

xp_CAPTCHA(白嫖版) 说明 xp_CAPTCHA (白嫖版) 验证码识别 burp插件 安装 需要python3 小于3.7的版本 安装 muggle_ocr 模块(大概400M左右) python3 -m pip install -i http://mirrors.aliyun.com/

Python script to launch burp scans automatically

SimpleAutoBurp Python script that takes a config.json file as config and uses Burp Suite Pro to scan a list of websites.

Burp Suite extension to log GraphQL operations as a comment
Burp Suite extension to log GraphQL operations as a comment

Burp GraphQL Logger A very simple, straightforward extension that logs GraphQL operations as a comment in the Proxy view. To enable the highlight, unc

Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links.
Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links.

Broken Link Finder Broken Link Finder is a Burp Extension to detect broken links for a passive scanning domains and links. Inspired by InitRoot's link

Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator
Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator

Malicious PDF Generator ☠️ Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator. Used for pene

Burp Suite extension for encoding/decoding EVM calldata

unblocker Burp Suite extension for encoding/decoding EVM calldata 0x00_prerequisites Burp Suite Java 8+ Python 2.7 0x01_installation clone this reposi

A simple Burp Suite extension to extract datas from source code
A simple Burp Suite extension to extract datas from source code

DataExtractor A simple Burp Suite extension to extract datas from source code. Features in scope parsing file extensions to ignore files exclusion bas

A burp-suite plugin that extract all parameter names from in-scope requests

ParamsExtractor A burp-suite plugin that extract all parameters name from in-scope requests. You can run the plugin while you are working on the targe

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

About Hive Burp Suite Extension
About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

Comments
  • UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 32-35: invalid data

    UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 32-35: invalid data

    I am getting this error while trying to install. I'm using Windows 10.

    Traceback (most recent call last):
      File "<string>", line 1, in <module>
    UnicodeDecodeError: 'utf-8' codec can't decode bytes in position 32-35: invalid data
    
    	at org.python.core.codecs.strict_errors(codecs.java:204)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    	at org.python.core.JavaFunc.__call__(Py.java:2912)
    	at org.python.core.PyObject.__call__(PyObject.java:433)
    	at org.python.core.codecs.decoding_error(codecs.java:1603)
    	at org.python.core.codecs.insertReplacementAndGetResume(codecs.java:1572)
    	at org.python.core.codecs.PyUnicode_DecodeUTF8Stateful(codecs.java:1104)
    	at org.python.core.codecs.PyUnicode_DecodeUTF8(codecs.java:1021)
    	at org.python.core.Py.fileSystemDecode(Py.java:722)
    	at org.python.core.Py.fileSystemDecode(Py.java:735)
    	at org.python.modules.posix.PosixModule.asPath(PosixModule.java:1306)
    	at org.python.modules.posix.PosixModule.absolutePath(PosixModule.java:1317)
    	at org.python.modules.posix.PosixModule.chdir(PosixModule.java:300)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    	at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:190)
    	at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:208)
    	at org.python.core.PyObject.__call__(PyObject.java:461)
    	at org.python.core.PyObject.__call__(PyObject.java:465)
    	at org.python.pycode._pyx2.f$0(<string>:1)
    	at org.python.pycode._pyx2.call_function(<string>)
    	at org.python.core.PyTableCode.call(PyTableCode.java:173)
    	at org.python.core.PyCode.call(PyCode.java:18)
    	at org.python.core.Py.runCode(Py.java:1703)
    	at org.python.core.Py.exec(Py.java:1747)
    	at org.python.util.PythonInterpreter.exec(PythonInterpreter.java:268)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    	at burp.u7m.l(Unknown Source)
    	at burp.dp8.I(Unknown Source)
    	at burp.bsl.e(Unknown Source)
    	at burp.rm2.lambda$panelLoaded$0(Unknown Source)
    	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
    	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
    	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
    	at java.base/java.lang.Thread.run(Thread.java:833)
    
    
    opened by KarahanGuner 10
  • AttributeError(

    AttributeError("'NoneType' object has no attribute 'toString'",)

    Hey there,

    I love your tool! It has certainly helped me out countless times with my bounty hunting, so thank you!

    I recently noticed this error starting to occur, and only on some burp files...see attachment.

    Screenshot 2022-11-25 at 5 10 28 PM

    Let me know your thoughts!

    opened by mattzamat 10
  • [Feature request] Add parameters from burp history

    [Feature request] Add parameters from burp history

    Hy can you add a feature to add all parameters from proxy history, So after understanding target I start this externsion and I click on "get all params" and it comes. Like paramalyzer but they has no feature to copy all those parameters

    opened by iamRjarpan 1
  • Attribute error

    Attribute error

    Using burp version 2022.12.5 tried previous versions also This is the error I'm getting

    "doEverything 1 AttributeError("'NoneType' object has no attribute 'toString'",)"

    After sending target to GAP

    opened by Spideynati 5
Releases(1.9)
Owner
/XNL-h4ck3r
/XNL-h4ck3r
A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.

BurpParamFlagger A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF

Allyson O'Malley 118 Nov 7, 2022
xp_CAPTCHA(白嫖版) burp 验证码 识别 burp插件

xp_CAPTCHA(白嫖版) 说明 xp_CAPTCHA (白嫖版) 验证码识别 burp插件 安装 需要python3 小于3.7的版本 安装 muggle_ocr 模块(大概400M左右) python3 -m pip install -i http://mirrors.aliyun.com/

算命縖子 588 Jan 9, 2023
Burp Suite extension for encoding/decoding EVM calldata

unblocker Burp Suite extension for encoding/decoding EVM calldata 0x00_prerequisites Burp Suite Java 8+ Python 2.7 0x01_installation clone this reposi

Halborn 16 Aug 30, 2022
A simple Burp Suite extension to extract datas from source code

DataExtractor A simple Burp Suite extension to extract datas from source code. Features in scope parsing file extensions to ignore files exclusion bas

Gwendal Le Coguic 86 Dec 31, 2022
A burp-suite plugin that extract all parameter names from in-scope requests

ParamsExtractor A burp-suite plugin that extract all parameters name from in-scope requests. You can run the plugin while you are working on the targe

null 29 Nov 9, 2022
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

Krypt0mux 162 Nov 25, 2022
About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

null 7 Dec 7, 2022
log4j burp scanner

log4jscanner log4j burp插件 特点如下: 0x01 基于Cookie字段、XFF头字段、UA头字段发送payload 0x02 基于域名的唯一性,将host带入dnslog中 插件主要识别五种形式: 1.get请求,a=1&b=2&c=3 2.post请求,a=1&b=2&c=

null 1 Jun 30, 2022
log4j2 passive burp rce scanning tool get post cookie full parameter recognition

log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址

null 5 Dec 10, 2021
PortSwigger Burp Plugin for the Log4j (CVE-2021-44228)

yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log

Y-Security 1 Jan 31, 2022