To create Burp extension which runs for Proxy, Repeater, Scanner, Intruder, etc., it is required that “ISessionHandlingAction” interface and also it’s two methods “getActionName” and “performAction” are overridden as shown in Figure: Step 2: To create a Burp extension, create “BurpExtender.java” file in the “burp” directory (this is inside the directory created in the above step). Step 1: In order to create Burp extension using Java, it is required that Burp Extension API interface files are saved in a directory (In our case it’s CustomExtension) as shown in Figure: Steps to create Burp extension are mentioned below: Hold-on! Before we go any further, follow “ ” to understand the basics of Burp Suite extension flow.įor the purpose of this blog, we used Java programming language to create Burp extension for the above mentioned problem. There are multiple programming languages that support creation of Burp extensions: To tackle this situation, we tried to build a solution using Burp extension. Pentesting an application that has integrity checks is difficult, as every automated tool including Burp Suite would fail to provide fruitful results that are obtained otherwise. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |