miércoles, 3 de junio de 2020

Setting Up A Burp Development Environment

This quick blog post will document getting started with developing Burp extensions using java. Burp provides interfaces for developers to hook into the Burp application and extend the application or integrate with other tools, this interface is documented on the following site - http://portswigger.net/burp/extender/

For this guide you will need the following items:


After downloading and opening up Eclipse you will need to create a new java project. This can be done by clicking "File->New Java Project". Fill in a project name and click finish.

Once the project has been created you will need to create a new package called "burp". This can be done by right clicking the "src" folder under your new project and selecting "New->Package". When the dialog comes up set the "Name" as "burp":

You should now have a package named "burp" under the source folder in the right pane. Now you will need to import the Burp extender classes into your project. Download all of the extender classes to a local folder, once this is done right click on the "burp" package in your project and select "Import". On the dialog window that comes up select "General->File System" and hit "next":

On the next dialog you will need to navigate to where you downloaded the Burp extender classes to. Once you have done this you should see the classes, click on the folder to select all items and click "Finish":

Next we can add the Burp application into the project. To do this click on "Project->Properties" on the top toolbar. When the dialog opens select "Java Build Path" and then the "Libraries" tab. On this dialog click "Add External JARs..."
Navigate to where ever you have Burp downloaded to and select it. After you have done this click "OK" to dismiss the dialog. You are now ready to build your own Burp extensions. You can test your environment by creating a new class in the burp package named "BurpExtender". Right click the "burp" package and click "New->Class". On the dialog that comes up enter "BurpExtender" and click "Finish":

In the "BurpExtender" class you can enter the following:


package burp;


public class BurpExtender
{
    public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks)
    {
        callbacks.registerMenuItem("Hello World.", new CustomMenuItem());
    }
}


class CustomMenuItem implements IMenuItemHandler
{
    public void menuItemClicked(String menuItemCaption, IHttpRequestResponse[] messageInfo)
    {
        try
        {
            System.out.println("Hello From Burp!");
            System.out.println("Request Item Details");
            System.out.println("Host: " + messageInfo[0].getHost());
            System.out.println("URL: " + messageInfo[0].getUrl());


        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
    }
}


After adding the content to your "BurpExtender" class you are ready to run the project for the first time. Click on "Run->Run" from the menu. You should see the following dialog asking how it should run your project:
Select "Java Application" and click "Ok". Next you should receive a dialog asking which application you want to run. Select "StartBurp - burp" and click "Ok":

You should now see the burp application running. Intercept a request in the application and right click on the request, you should now see an item in the menu named "Hello World."

When you click the "Hello World." menu button you should see some information about the request in your eclipse console window:

That's it, you now have setup your working development environment for building your own Burp extensions. The javadocs for the Burp Extender interfaces are available on the Extender web page:


More info


  1. Pentestlab
  2. How To Pentest A Network
  3. Pentest Jobs
  4. Pentest Software
  5. Hacking Names
  6. Hacking For Dummies
  7. Pentest Tools
  8. Pentest Azure
  9. Pentest Environment
  10. Hacking Programs
  11. Rapid7 Pentest
  12. Pentesting And Ethical Hacking

1 comentario:


  1. Contact us(wizardcyprushacker@gmail.com ) whatsapp +1 (424) 209-7204

    if you need help with these:

    ?CLEAR CRIMINAL RECORDS
    ?DETECTABLE & UNDETECTABLE HACK ( PC,iPhone, Android or Organization computers)
    ?WEBSITES/SOCIAL MEDIA HACK (FB,Email, Skype,Tinder,Twitter,WhatsApp,Snapchat,Instagram,Telegram e.t.c)
    ?FLIP CASH AND COIN DOUBLING
    ?LOAD CREDIT CARDS
    ?BINARY OPTIONS SCAM RETRIEVALS
    ?BITCOINS (BTC) HACK
    ?PAYPAL ACCOUNT HACK (Verified acct only)
    ?INSTITUTION RESULT UPGRADE (College or High School)
    ?DATABASE HACK
    ?MONEY TRANSFER (specific to certain accounts)
    ?LOAN WITHOUT COLLATERALS
    ?WE INSTALL UNNOTICEABLE TRACK SOFTWARE ON TARGET'S DEVICE
    ?AND MANY OTHER CYBER RELATED ISSUES.
    All these were carried out in the shortest time possible with significant experience on each aspect.

    Contact:
    Email: wizardcyprushacker@gmail.com

    ResponderBorrar