Enlarge your burp or how not to be afraid of JavaDocs
Igor Bulatenko Ivan Elkin
Sources
https://goo.gl/oYjBTg (python)
#whoami
• #videns
• Head of QIWI application security department
• Former security software developer
• CTF player and organizer (TechnoPandas)
• JBFC member
What it is all about
• Why people (us) use Burp
• Burp 101
• Official info
• Other presentations
• Internals
• Plugins
Is it good?
• #1 among web scanners*
• Cross-platform
• Good for manual vulnerability testing
• Can scan the whole internet
• Has plugins
• Most popular vulnerability checks
• Gartner challenger for AST
Unofficial info
http://www.slideshare.net/jasonhaddix/bsides-final
http://www.slideshare.net/AugustDetlefsen/burp-extensions
http://www.slideshare.net/marcwickenden/burp-plugin-development-for-java-n00bs-44-con
http://www.agarri.fr/docs/HiP2k13-Burp_Pro_Tips_and_Tricks.pdf
http://www.youtube.com/watch?v=Q2WK5LpDbxw
http://www.youtube.com/watch?v=N-IKHmGjf2c
https://twitter.com/everythingburp
http://www.slideshare.net/AugustDetlefsen/appsec-usa-2015-customizing-burp-suite
Why improve it?
• Incorrect use of the API
• Scan fullness
• Time for implementing new techniques
How it works (spidering)
How it works (active scan)
Demo 01
• Simplest plugin
• Show logging functionality (stdout, stderr)
• Log InsertionPoints info
• Nested InsertionPoint
• DoActiveScan
• How to debug in Python (Jython)
Demo 02
• DoActiveScan
• Building a request for the attack
• How requests are counted (Scanner tab)
• Send requests via callbacks or via Jython
• Highlighting in requests/responses
Demo 03
• Error message check (http://virvales.blogspot.ru/2015/08/burp-stacktrace-sniffer.html)
• HttpListener
• Manually adding a scan issue
You’re doing it wrong
Right way
Demo 04
• InsertionPointProvider
• Custom InsertionPoint, necessary methods
• Logging payloads
The end (part 1)