theLSA / Burp Info Extractor
Licence: mit
burpsuite extension for extract information from data
Stars: ✭ 27
Programming Languages
java
68154 projects - #9 most used programming language
Projects that are alternatives of or similar to Burp Info Extractor
Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Stars: ✭ 406 (+1403.7%)
Mutual labels: burpsuite, burp-plugin
Autorepeater
Automated HTTP Request Repeating With Burp Suite
Stars: ✭ 546 (+1922.22%)
Mutual labels: burpsuite, burp-plugin
flarequench
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (+62.96%)
Mutual labels: burp-plugin, burpsuite
Recaptcha
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Stars: ✭ 596 (+2107.41%)
Mutual labels: burpsuite, burp-plugin
Burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Stars: ✭ 302 (+1018.52%)
Mutual labels: burpsuite, burp-plugin
burp-token-rewrite
Burp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-44.44%)
Mutual labels: burp-plugin, burpsuite
SQLi-Query-Tampering
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+355.56%)
Mutual labels: burp-plugin, burpsuite
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+500%)
Mutual labels: burpsuite, burp-plugin
auth analyzer
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (+185.19%)
Mutual labels: burp-plugin, burpsuite
burp-flow
Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (+66.67%)
Mutual labels: burp-plugin, burpsuite
Aes Killer
Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Stars: ✭ 446 (+1551.85%)
Mutual labels: burpsuite, burp-plugin
Knife
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Stars: ✭ 626 (+2218.52%)
Mutual labels: burpsuite, burp-plugin
burp-wildcard
Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (+340.74%)
Mutual labels: burp-plugin, burpsuite
burp-suite-utils
Utilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-29.63%)
Mutual labels: burp-plugin, burpsuite
Headless Burp
Automate security tests using Burp Suite.
Stars: ✭ 192 (+611.11%)
Mutual labels: burpsuite, burp-plugin
TurboDataMiner
The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (+70.37%)
Mutual labels: burp-plugin, burpsuite
Burp Unauth Checker
burpsuite extension for check unauthorized vulnerability
Stars: ✭ 99 (+266.67%)
Mutual labels: burpsuite, burp-plugin
Burp Molly Pack
Security checks pack for Burp Suite
Stars: ✭ 123 (+355.56%)
Mutual labels: burpsuite, burp-plugin
googleauthenticator
Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 18 (-33.33%)
Mutual labels: burp-plugin, burpsuite
Burpcrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (+1196.3%)
Mutual labels: burpsuite, burp-plugin
burp-info-extractor
概述
快速提取数据中有价值的信息。
比如一个API(/user/list)返回大量用户名/密码,就可以使用此burpsuite插件快速提取。
关于该插件的实现细节,参考burpsuite插件开发总结
快速开始
支持右键send rsp to BIE直接发送HTTP响应包到本插件,也可以直接粘贴响应数据包/数据到插件文本框。
采用两种提取方式,以二层嵌套json格式的数据为例:
{“users”:[{“username”:”tom”},......}
1)json格式提取:users-username
json格式提取使用了google gson解析json数据,最多支持3层json嵌套,可以对付大多数情况了。
2)正则提取:"username":"(.*?)"
json格式的数据测试了如下:
一层json嵌套:
[{“username”:”tom”},......]
二层json嵌套:
{“users”:[{“username”:”tom”},......}
三层json嵌套:
{"code":0,"msg":"\u6210\u529f","data":{"current_page":1,"users":[{"unique_id":"9e4147f6e41bb457bcf75227fd646e8e","username":"tom"},......]}}
皆能完美提取username
注意大小写敏感!
反馈
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].