Paul Johnston pajswigger
pajswigger
/ CopySitemap.py
Created
November 24, 2017 12:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender, IContextMenuFactory, IContextMenuInvocation, IHttpRequestResponse | |
| from javax.swing import JMenuItem, AbstractAction, JOptionPane | |
| from java.net import Proxy, InetSocketAddress, URL | |
| import threading, traceback, sys | |
| from urlparse import urlparse | |
| def get_request_info(req): | |
| return callbacks.getHelpers().analyzeRequest(req.getHttpService(), req.getRequest()) |
pajswigger
/ crlf-fixup.py
Created
October 31, 2017 14:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender, IHttpListener | |
| class BurpExtender(IBurpExtender, IHttpListener): | |
| def registerExtenderCallbacks(self, callbacks): | |
| self.callbacks = callbacks | |
| callbacks.registerHttpListener(self) | |
| def processHttpMessage(self, toolFlag, messageIsRequest, message): | |
| helpers = self.callbacks.getHelpers() |
pajswigger
/ python-scan-issue.py
Created
October 23, 2017 13:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender, IScannerCheck, IScanIssue | |
| from java.net import URL | |
| import jarray | |
| class CustomCheck(IScannerCheck): | |
| def __init__(self, callbacks): | |
| self.callbacks = callbacks | |
| self.helpers = callbacks.getHelpers() |
pajswigger
/ Consolidate.py
Created
September 18, 2017 14:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender, IScannerCheck, IScanIssue | |
| class BurpExtender(IBurpExtender): | |
| def registerExtenderCallbacks(self, callbacks): | |
| callbacks.registerScannerCheck(ScanCheck(callbacks)) | |
| class ScanCheck(IScannerCheck): | |
| def __init__(self, callbacks): |
pajswigger
/ ScanPoint.py
Created
August 10, 2017 08:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender | |
| import jarray | |
| req = b"""GET /test?input=foo HTTP/1.1 | |
| Host: localhost | |
| Upgrade-Insecure-Requests: 1 | |
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 | |
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 | |
| Accept-Language: en-GB,en-US;q=0.8,en;q=0.6 | |
| Connection: close |
pajswigger
/ csrf-session-handler.py
Created
June 26, 2017 08:34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender, ISessionHandlingAction | |
| class BurpExtender(IBurpExtender): | |
| def registerExtenderCallbacks(self, callbacks): | |
| callbacks.registerSessionHandlingAction(CsrfSessionHandler(callbacks.getHelpers())) | |
| class CsrfSessionHandler(ISessionHandlingAction): | |
| def __init__(self, helpers): |
NewerOlder