Skip to content

Instantly share code, notes, and snippets.

View pajswigger's full-sized avatar

Paul Johnston pajswigger

142 followers · 0 following
View GitHub Profile
@pajswigger
pajswigger / jython-code-completion.md
Last active November 8, 2019 04:18

Code completion for Burp Jython extensions

The IntelliJ Python plugin supports code completion and this can recognize the Burp API. First, make sure your project has the SDK set to Jython:

image

Then, add the Burp API as a library:

image

@pajswigger
pajswigger / BuildUnencodedRequest.java
Last active June 14, 2018 10:12
package burp;
import java.util.Random;
public class BuildUnencodedRequest
{
private Random random = new Random();
private IExtensionHelpers helpers;
BuildUnencodedRequest(IExtensionHelpers helpers)
@pajswigger
pajswigger / redirect-follower.py
Created February 8, 2018 09:58
# For use with Python Scripter extension
from java.net import URL
if not messageIsRequest:
request_info = helpers.analyzeRequest(messageInfo.getHttpService(), messageInfo.getRequest())
if request_info.getUrl().toString() == 'http://blah/':
response_info = helpers.analyzeResponse(messageInfo.getResponse())
for header in response_info.getHeaders():
if header.startswith('Location: '):
url = URL(header[len('Location: '):])
req = helpers.buildHttpRequest(url)
@pajswigger
pajswigger / remove-jar-compression.sh
Created January 29, 2018 11:34
#!/bin/bash
orig=$PWD
file=`basename $1`
mkdir -p "/tmp/$file"
cd "/tmp/$file"
jar -xf "$orig/$1"
find . -name \*.jar | while read JAR; do
jar -u0f "$orig/$1" $JAR
done
@pajswigger
pajswigger / highlight.java
Created January 23, 2018 08:07
Highlight a Burp Tab
JTabbedPane tabbedPane;
ChangeListener changeListener;
// add to constructor
addHierarchyListener(this);
void highlightTab()
{
if(tabbedPane != null)
{
@pajswigger
pajswigger / nested-decoder.kt
Created January 16, 2018 17:27
package burp;
import java.awt.Component
import java.util.*
class MessageEditorTab : IMessageEditorTab {
var messageEditor = BurpExtender.cb.createMessageEditor(null, true)
override fun getMessage(): ByteArray {
return messageEditor.message
@pajswigger
pajswigger / BurpExtender.java
Created January 10, 2018 09:54
Enable/disable cookies in Repeater quickly
package burp;
import org.json.JSONObject;
import org.json.JSONArray;
import org.json.JSONTokener;
import javax.swing.*;
import java.awt.event.ActionListener;
import java.awt.event.ActionEvent;
import java.io.PrintWriter;
@pajswigger
pajswigger / BasicAuthInsertionPoint.py
Created December 20, 2017 09:21
from burp import IBurpExtender, IScannerInsertionPoint, IScannerInsertionPointProvider
import base64, jarray, re
class BurpExtender(IBurpExtender):
def registerExtenderCallbacks(self, callbacks):
callbacks.registerScannerInsertionPointProvider(BasicAuthInsertionPointProvider(callbacks))
class BasicAuthInsertionPointProvider(IScannerInsertionPointProvider):
@pajswigger
pajswigger / report.py
Created November 30, 2017 09:24
from burp import IBurpExtender
from java.io import File
class BurpExtender(IBurpExtender):
def registerExtenderCallbacks(self, callbacks):
args = callbacks.getCommandLineArguments()
if '--report' not in args:
return
output = File(args[args.index('--report') + 1])
@pajswigger
pajswigger / Rewrite.py
Last active March 15, 2018 22:57
from burp import IBurpExtender, IHttpListener
import json
class BurpExtender(IBurpExtender, IHttpListener):
def registerExtenderCallbacks(self, callbacks):
self.helpers = callbacks.getHelpers()
callbacks.registerHttpListener(self)
def processHttpMessage(self, toolFlag, messageIsRequest, message):