Paul Johnston pajswigger
pajswigger
/ burp-report.xsl
Created
July 2, 2018 13:34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> | |
| <xsl:output method="html" indent="no"/> | |
| <xsl:key name="issue-by-type" match="issue" use="type" /> | |
| <xsl:template match="/issues"> | |
| <html> | |
| <head> | |
| <title>Burp Scanner Report</title> |
pajswigger
/ crlf-fixup.py
Created
July 3, 2018 13:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender, IHttpListener | |
| class BurpExtender(IBurpExtender, IHttpListener): | |
| def registerExtenderCallbacks(self, callbacks): | |
| self.callbacks = callbacks | |
| callbacks.registerHttpListener(self) | |
| def processHttpMessage(self, toolFlag, messageIsRequest, message): | |
| helpers = self.callbacks.getHelpers() |
pajswigger
/ UpdateParameter.java
Created
September 20, 2018 09:47
Function to help a Burp extension update a parameter
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| static byte[] updateParameter(IExtensionHelpers helpers, IRequestInfo requestInfo, byte[] request, IParameter parameter, String value) { | |
| ByteArrayOutputStream baos = new ByteArrayOutputStream(); | |
| int bodyOffset = requestInfo.getBodyOffset(); | |
| baos.write(request, bodyOffset, parameter.getValueStart() - bodyOffset); | |
| baos.write(value.getBytes(Charsets.ISO_8859_1), 0, value.length()); | |
| baos.write(request, parameter.getValueEnd(), request.length - parameter.getValueEnd()); | |
| byte[] newBody = baos.toByteArray(); | |
| List<String> headers = requestInfo.getHeaders(); | |
| for(int i = 0; i < headers.size(); i++) { |
pajswigger
/ burp-summary-report.xsl
Created
October 10, 2018 08:58
XSLT file to generate a summary HTML report from a Burp XML report
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> | |
| <xsl:output method="html" indent="no"/> | |
| <xsl:key name="issue-by-type" match="issue" use="type" /> | |
| <xsl:template match="/issues"> | |
| <html> | |
| <head> | |
| <title>Burp Scanner Report</title> |
pajswigger
/ BurpExtender.java
Created
February 8, 2019 10:59
Sample Burp Extension code to extract response markers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package burp; | |
| import java.util.List; | |
| public class BurpExtender implements IBurpExtender | |
| { | |
| @Override | |
| public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) | |
| { |
pajswigger
/ delete-cookies.kt
Created
April 18, 2019 10:40
Burp extension to delete all cookies in jar
OlderNewer