• Stars
    star
    345
  • Rank 122,750 (Top 3 %)
  • Language
    Java
  • License
    Other
  • Created almost 8 years ago
  • Updated about 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Material for the training "Developing Burp Suite Extensions โ€“ From Manual Testing to Security Automation"

Developing Burp Suite Extensions

Doyensec

This repository contains the slides and code for the training Developing Burp Suite Extensions - From Manual Testing to Security Automation

Content

  • BurpExtensionTemplate - Empty extension templates for NetBeans, Eclipse and IDEA
  • HelloBurp - Our first Burp extension
  • SiteLogger - Log sitemap and findings to database (MongoDB)
  • ReplayAndDiff - Replay a scan with a fresh session and diff the results
  • DetectSRI - Passive scanner check to detect the use of Subresource Integrity (SRI) attribute
  • DetectELJ - Active scanner check to detect Expression Language (EL) injection vulnerabilities
  • Bradamsa - Simplified code of Bradansa Intruder payloads generator
  • Doyensec_DevelopingBurpSuiteExtensionsTraining.pdf - Full slides of the training (PDF, 155 pages)

All exercises are provided in Java, Python and Ruby.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0). You are free to Share and Adapt under the following terms: Attribution, NonCommercial, ShareAlike.

Overview of the class

In this hands-on class, attendees will learn how to design and develop Burp Suite extensions for a variety of tasks. In a few hours, we work on several plugins to improve manual security testing efforts as well as to create fully-automated security tools. This workshop is based on real-life use cases where the extension capabilities of the tool can be unleashed to improve efficiency and effectiveness of security auditing. As an attendee, you will bring home a full bag of tricks that will take your web security skills to the next level. The class is available in 1-day and 2-days versions.

Audience

Suitable for both web application security specialists and developers. Attendees are expected to have rudimental understanding of Burp Suite as well as basic object-oriented programming experience. While Burp extensions are developed live in Java, attendees can work on Python or Ruby since all exercises are also provided in those languages.

Interested?

More details on what to expect from this class can be found on our blog post. We deliver this class during public events (e.g. security conferences) as well as private company workshops. If you're interested in a forthcoming public training or you want to know more about private classes, please contact [email protected]

More Repositories

1

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Python
1,510
star
2

electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
JavaScript
953
star
3

regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
Python
779
star
4

awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security
558
star
5

wsrepl

WebSocket REPL for pentesters
Python
194
star
6

Session-Hijacking-Visual-Exploitation

Session Hijacking Visual Exploitation
JavaScript
189
star
7

PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
HTML
94
star
8

ajpfuzzer

A command-line fuzzer for the Apache JServ Protocol (ajp13)
Java
91
star
9

safeurl

A Server Side Request Forgery (SSRF) protection library. Made with ๐Ÿ–ค by Doyensec LLC.
Go
89
star
10

CSPTBurpExtension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
Java
79
star
11

Prototype-Pollution-Gadgets-Finder

Python
73
star
12

StandardizedImageProcessingTest

A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web
JavaScript
68
star
13

PoiEx

๐ŸŒ Visualize and explore IaC โœ’๏ธ Create and share notes in VS Code ๐Ÿค Sync notes and findings in real-time with friends
TypeScript
68
star
14

GQLSpection

GQLSpection - parses GraphQL introspection schema and generates possible queries
Python
64
star
15

HopperTheme

Doyensec theme for the Hopper Disassembler - chill and functional for long RE nights
55
star
16

oidc-ssrf

An Evil OIDC Server
Go
49
star
17

cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs
HCL
44
star
18

confuser

Dependency Confusion Security Testing Tool
Python
39
star
19

vbox-fuzz

Companion to the "Introduction to VirtualBox security research" Blog Post
C++
29
star
20

CVE-2022-39299_PoC_Generator

A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml
Python
17
star
21

VSCode_PoC_Oct2019

Proof of Concept for a VSCode Python Extension Code Execution Vulnerability
Python
16
star
22

r2pickledec

Pickle decompiler plugin for Radare2
C
14
star
23

imagemagick-security-policy-evaluator

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.
JavaScript
14
star
24

webext_boilerplate

Web extension boilerplate files for web application testers.
JavaScript
7
star
25

db-race-conditions-playground

Database Race Condition Playground. Made with ๐Ÿงก by Doyensec LLC.
JavaScript
6
star
26

ThereAreBugsEverywhere

Doyensec Wallpapers - ThereAreBugsEverywhere Theme
5
star
27

libajp13

AJPv1.3 Java Library
Java
4
star
28

wallet-info

A web service providing Ethereum Dapp information. Made with ๐Ÿ–ค by Doyensec LLC.
Go
4
star
29

SoloKeys-2020Q1-fw-downgrade-PoC

SoloKeys firmware downgrade proof of concept
Python
3
star
30

libressl-portable

C
1
star