Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork14
Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
License
synfron/ReshaperForBurp
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Extension for Burp Suite to trigger actions and reshape HTTP request/response and WebSocket traffic using configurable Rules
Rules allow you to set actions to perform (called Thens) if messages/connections (event) received by Burp Suite meet certain criteria (called Whens). Rules are processed in order.
Content Type - If the HTTP request body is reported to match specified content types
Event Direction - If the HTTP message is a Request or Response, or if the WebSocket message is directed toward the client or server
From Tool - If the HTTP/WebSocket message is from a specific Burp tool
Has Entity - If the HTTP/WebSocket event contains a certain message value entity
In Scope - If the URL is in the suite-wide scope
Matches Text - If a value (text, variable, or HTTP/WebSocket message value entity) matches a value
Message Type - If the WebSocket message is text or binary
MIME Type - If the HTTP response body is reported to match specified MIME types
Proxy Name - If received by a certain Burp proxy listener
Repeat - Repeat a group of When constraints for each item in a list
Break - Stop Rules or then action processing
Build HTTP Message - Build an HTTP request or response message and store the full text in a variable
Comment - Add a comment to the line item in the HTTP/WebSocket history
Delay - Delay further processing/sending of the HTTP/WebSocket event
Delete Value - Remove an HTTP message entity
Delete Variable - Delete a variable
Drop - Have Burp drop the connection
Evaluate - Perform operations on values
Extract - Extract values into lists
Generate - Generate a value
Highlight - Highlight the line item in the HTTP/WebSocket history
Intercept - Intercept the message in the Proxy interceptor
Log - Log message to the Burp extension console
Parse HTTP Message - Extract values from an HTTP request or response message and store the values in variable
Prompt - Get text via a prompt dialog
Read File - Read a file
Repeat - Repeat a group of Then actions by count, boolean value, or for each item in a list
Run Process - Execute a command in a separate process
Run Rules - Run a specific Rule or all auto-run Rules
Run Script - Execute a JavaScript script
Save File - Save text to a file
Send Message - Send a separate WebSocket message
Send Request - Send a separate HTTP request
Send To - Send data to other Burp tools or the system's default browser
Set Encoding - Set the encoding used to read and write bytes of the HTTP request or response body, or WebSocket message
Set Event Direction - Change whether to send a request or to send a response at the end of processing
Set Value - Set the value of an HTTP/WebSocket event using another value (text, variable, or HTTP/WebSocket event entity)
Set Variable - Set a variable using another value (text, variable, or HTTP/WebSocket event entity)
Transform - Transform/convert a value
Share values across different Rules while processing the same event or all events.
- Open IntelliJ.
- Create a new project (Gradle) from existing source using Java 21.
- Once the project is created/open, wait for IntelliJ to process Gradle dependencies.
- Run the
jar
Gradle build task under theextension
module from the Gradle tool window/sidebar. The JAR will be placed in theextension/build/libs
directory.
- Install Java 21.
- Install Gradle v8.6.
- Open a terminal into the
extension
directory of the project. - Run the
gradle --refresh-dependencies build jar
command. - The JAR will be placed in the
extension/build/libs
directory.
- Set the environment variable
BURP_JAR_PATH
to theburpsuite_community.jar
file location. (e.g.C:\Users\<user>\AppData\Local\Programs\BurpSuiteCommunity\burpsuite_community.jar
on Windows) - In Reshaper, using the Settings tab, export all Rules and global variables to a JSON file to prevent data loss.
- In Extender, unload the Reshaper extension from Burp Suite if you already have the extension installed from the BApp Store or from a JAR.
- Close Burp Suite.
- Open the Reshaper project in IntelliJ.
- Navigate to
debug/src/main/java/synfron/reshaper/burp/debug/Burp.java
. - Right-click the file in the Project view and click
Run Burp.main()
orDebug Burp.main()
. - Burp Suite will open with Reshaper loaded as an legacy extension.
Contributions are encouraged. Issues and Pull Requests welcome. Also help us spread the word.
Primary Developer: Daquanne Dwight
For help with how to use Reshaper for a particular need, to report a bug, or to make a suggestion, create an issue in GitHub or email support[at]synfron.com.
MIT License. SeeLICENSE
About
Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Sponsor this project
Uh oh!
There was an error while loading.Please reload this page.
Packages0
Contributors3
Uh oh!
There was an error while loading.Please reload this page.