c0ny1 / Sqlmap4burp Plus Plus
sqlmap4burp++是一款兼容Windows,mac,linux多个系统平台的Burp与sqlmap联动插件
Stars: ✭ 325
Programming Languages
java
68154 projects - #9 most used programming language
Labels
Projects that are alternatives of or similar to Sqlmap4burp Plus Plus
burp-wildcard
Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (-63.38%)
Mutual labels: burp-extensions
burp-copy-as-ffuf
Burp Extension that copies a request and builds a FFUF skeleton
Stars: ✭ 77 (-76.31%)
Mutual labels: burp-extensions
DetectCrossOriginMessaging
This Burp extension helps you to find usages of postMessage and recvMessage
Stars: ✭ 12 (-96.31%)
Mutual labels: burp-extensions
burp-token-rewrite
Burp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-95.38%)
Mutual labels: burp-extensions
flarequench
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (-86.46%)
Mutual labels: burp-extensions
CTFHelper
A simple Burp extension for scanning stuffs in CTF
Stars: ✭ 29 (-91.08%)
Mutual labels: burp-extensions
Headless Burp
Automate security tests using Burp Suite.
Stars: ✭ 192 (-40.92%)
Mutual labels: burp-extensions
HopLa
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
Stars: ✭ 446 (+37.23%)
Mutual labels: burp-extensions
TurboDataMiner
The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (-85.85%)
Mutual labels: burp-extensions
BadIntent
Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 316 (-2.77%)
Mutual labels: burp-extensions
burp-suite-utils
Utilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-94.15%)
Mutual labels: burp-extensions
burp-api-common
common methods that used by my burp extension projects
Stars: ✭ 29 (-91.08%)
Mutual labels: burp-extensions
burp-aem-scanner
Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Stars: ✭ 60 (-81.54%)
Mutual labels: burp-extensions
ReSign
A burp extender that recalculate signature value automatically after you modified request parameter value.
Stars: ✭ 52 (-84%)
Mutual labels: burp-extensions
Pwnback
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-37.54%)
Mutual labels: burp-extensions
SQLi-Query-Tampering
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-62.15%)
Mutual labels: burp-extensions
Badintent
Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (-6.77%)
Mutual labels: burp-extensions
auth analyzer
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-76.31%)
Mutual labels: burp-extensions
burp-flow
Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (-86.15%)
Mutual labels: burp-extensions
sqlmap4burp++ | burp联动sqlmap插件
0x01 插件简介
sqlmap4burp++对sqlmap4burp进行了重构,可在多个平台下快速联动Burp与sqlmap。
在sqlmap4burp基础上进行了如下改动:
- 在支持Windows基础上,拓展对Linux,macOS的支持
- 移除对commons-io-.jar,commons-langs-.jar的依赖
- 移除Burpsuite JTab控件,采用弹窗式配置,让界面更加简洁易用。
- 移除了多余的代码
想了解更多重构细节移步:《重构sqlmap4burp》
0x02 插件编译
mvn package
0x03 插件演示
已经在如下系统测试成功:
- Windows:7,10
- macOS:Mojave 10.14.5
- Linux:Kali2019.2
0x04 FQA
1.在macOS下无法弹出Terminal?
出现这种情况,一般有以下两个原因。
- 原因一:没有允许运行外部
Burp suite运行osascript。 - 原因二:没有启动终端(Terminal),请将其启动。若已经是运行状态,那么请重启它!
2.在Linux下弹出Terminal,为何没有执行命令呢?
这是正常现象,插件已经将命令复制到剪贴板,将其粘贴到弹出的命令窗口即可!目前插件在Linux下暂时无法实现启动Terminal的同时使其运行sqlmap命令,所以暂时采用这种临时的方法。
3.插件每次都必须要配置Python name和Sqlmap path么?
这两个配置是插件保证正常运行的关键,但并不需要每次配置,只需要第一次使用插件时配置好即可。之后无论是关闭插件,重启Burp suite,配置内容都会被记录好。
0x05 参考项目
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].