Unleashing the Full Potential of Burp Suite with Extension Development for Enhanced Penetration Testing - Jagdish Jogal
29-01-2023 AMA, Ahmedabad
Agenda
● How to create a Burp Suite extension using Jython/Python that decrypts and encrypts complex encrypted requests and responses on the fly.
● After this session you will be able to think about how to build a custom methodology for your own applications, automate repetitive work, and make security testing easier by expanding the functionality of Burp Suite.
Profile
Jagdish Jogal
● Team Lead at Net-Square Solutions Private Limited
● Expertise in web and mobile application testing, complex JS debugging, automation development for testing, etc.
● Twitter: @j_jogal_545 / LinkedIn: jagdish-jogal
Demo of the application and the scenario
Complex application with AES encryption in requests and responses.
Testing Scenario - 1 (Full Body encryption)
Testing Scenario - 2 (Encryption in Parameter)
Testing Scenario - 3 (Encryption in JSON data)
Testing Scenario - 4 (Encryption in XML data)
What you need to know
- Python programming language.
- Some Java UI (Swing) for building a custom extension UI.
- Some object-oriented programming concepts, such as:
  - Java interface overriding
  - Python method inheritance
Java Interface / Method overriding concept
Python Inheritance
# Define the Animal class
class Animal:
    def move(self):
        print("The animal is moving.")

class Dog(Animal):
    # The Dog class automatically inherits the move() method from the Animal class
    pass

# Create a Dog object and call the move() method on it
dog = Dog()
dog.move()  # Output: "The animal is moving."
Introduction to Burp Suite API
Burp Suite API documentation
Javadoc:
https://portswigger.net/burp/extender/api/
Extender API:
https://github.com/PortSwigger/burp-extender-api
Burp Suite API documentation
Environment Setup
Ref: https://www.jython.org/download.html
Environment Setup (Dependencies directory)
Basic Implementation Burp Suite Extension
from burp import IBurpExtender

class BurpExtender(IBurpExtender):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        self._callbacks.setExtensionName('I am New Extension')
        print("Hello World!")
Understanding Imports
First line: from burp import IBurpExtender
Every other interface our classes implement must also be imported:
- IMessageEditorTabFactory, IMessageEditorTab
- IIntruderPayloadGeneratorFactory, IIntruderPayloadGenerator
- IScannerInsertionPointProvider, IScannerInsertionPoint
- IContextMenuFactory
- IHttpListener
Other interfaces are reached through the callbacks object rather than imported.
Other Imports
From Python:
from os import makedirs, path
from array import array
…
From Java:
from javax.swing import JMenu
from javax.swing import JMenuItem
from javax.swing import JPopupMenu
Callbacks and Helpers
Callbacks:
- Refer to IBurpExtenderCallbacks in the documentation.
- Enable functionality and let the extension communicate with Burp's interfaces (registering listeners, tabs, etc.).
Helpers:
- Refer to IExtensionHelpers in the documentation.
- Include useful methods such as analysing requests, decoding/encoding, building requests, etc.
- Used to obtain and manipulate HTTP message data.
How will we test the application shown?
Our idea:
- Create a custom text editor tab that shows the decrypted data at runtime and lets us modify it on the fly.
Create a Custom Text Editor Tab
Extension 1: Create a custom Text editor tab
Demo code
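The editor-tab idea above, and the Extension 1 demo code the slides do not reproduce, as an added Jython example that is not the talk's own code: it handles Scenario 3 (a JSON field carrying base64-encoded AES ciphertext), shows the decrypted value in a "Decrypted" tab, and re-encrypts edits in getMessage() before Burp sends them. The field name ENCRYPTED_FIELD, the AES-128-CBC/PKCS5 mode and the key/IV are assumptions for the example; javax.crypto is only available under Jython inside Burp, so the JSON helpers are written to run on their own as well.

```python
import base64, json

try:  # inside Burp these interfaces come from the Extender API
    from burp import IBurpExtender, IMessageEditorTabFactory, IMessageEditorTab
except ImportError:  # outside Burp (e.g. unit tests): empty stand-ins so the module still imports
    class IBurpExtender(object): pass
    class IMessageEditorTabFactory(object): pass
    class IMessageEditorTab(object): pass

ENCRYPTED_FIELD = "data"  # assumed name of the JSON field that carries base64(AES ciphertext)

class AesCbcCodec(object):
    """AES-128-CBC/PKCS5 through javax.crypto, which Jython exposes inside Burp."""
    def __init__(self, key, iv):  # key and iv are 16-byte strings
        from javax.crypto import Cipher
        from javax.crypto.spec import SecretKeySpec, IvParameterSpec
        self._Cipher = Cipher
        self._key = SecretKeySpec(key, "AES")
        self._iv = IvParameterSpec(iv)
    def _run(self, mode, data):  # byte string in, byte string out
        c = self._Cipher.getInstance("AES/CBC/PKCS5Padding")
        c.init(mode, self._key, self._iv)
        return c.doFinal(data).tostring()  # Java byte[] -> Python byte string
    def decrypt(self, b64text):
        return self._run(self._Cipher.DECRYPT_MODE, base64.b64decode(b64text)).decode("utf-8")
    def encrypt(self, plaintext):
        return base64.b64encode(self._run(self._Cipher.ENCRYPT_MODE, plaintext.encode("utf-8")))

def looks_encrypted(body):
    """For isEnabled(): only offer the tab on a JSON object that carries the ciphertext field."""
    try:
        doc = json.loads(body)
    except ValueError:
        return False
    return isinstance(doc, dict) and ENCRYPTED_FIELD in doc

def _rewrite_field(body, fn):
    doc = json.loads(body)
    doc[ENCRYPTED_FIELD] = fn(doc[ENCRYPTED_FIELD])
    return json.dumps(doc, sort_keys=True)

def decrypt_json_body(body, codec):  # ciphertext field -> plaintext, for viewing and editing
    return _rewrite_field(body, codec.decrypt)

def encrypt_json_body(body, codec):  # inverse: re-encrypt the edited plaintext before Burp sends it
    return _rewrite_field(body, codec.encrypt)

class DecryptedTab(IMessageEditorTab):
    """The custom editor tab: shows the decrypted body; getMessage() re-encrypts any edits."""
    def __init__(self, extender, editable):
        self._helpers, self._codec, self._editable = extender._helpers, extender._codec, editable
        self._txt = extender._callbacks.createTextEditor()
        self._content, self._is_request = None, True
    def getTabCaption(self): return "Decrypted"
    def getUiComponent(self): return self._txt.getComponent()
    def isModified(self): return self._txt.isTextModified()
    def getSelectedData(self): return self._txt.getSelectedText()
    def _split(self, content, is_request):  # (headers, body string) via Burp's helpers
        info = self._helpers.analyzeRequest(content) if is_request else self._helpers.analyzeResponse(content)
        return info.getHeaders(), self._helpers.bytesToString(content[info.getBodyOffset():])
    def isEnabled(self, content, is_request):
        if content is None or len(content) == 0:
            return False
        return looks_encrypted(self._split(content, is_request)[1])
    def setMessage(self, content, is_request):
        self._content, self._is_request = content, is_request
        if content is None:  # Burp is clearing the editor
            self._txt.setText(None)
            self._txt.setEditable(False)
            return
        self._txt.setText(decrypt_json_body(self._split(content, is_request)[1], self._codec))
        self._txt.setEditable(self._editable)
    def getMessage(self):
        if self._content is None or not self._txt.isTextModified():
            return self._content  # untouched: hand the original bytes back
        headers, _ = self._split(self._content, self._is_request)
        plain = self._helpers.bytesToString(self._txt.getText())
        return self._helpers.buildHttpMessage(headers, encrypt_json_body(plain, self._codec))

class BurpExtender(IBurpExtender, IMessageEditorTabFactory):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks, self._helpers = callbacks, callbacks.getHelpers()
        self._codec = AesCbcCodec("0123456789abcdef", "fedcba9876543210")  # constructed sample key/IV
        callbacks.setExtensionName("Decrypted body tab")
        callbacks.registerMessageEditorTabFactory(self)
    def createNewInstance(self, controller, editable):
        return DecryptedTab(self, editable)
```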
IHttpListener for Intruder and Scanner
Extension 2: IHttpListener for Intruder and Scanner
Demo code
Bonus points (Very helpful)
Faster debugging while developing
Just CTRL+left-click the extension's checkbox to deactivate and reactivate the plugin; this reloads the updated code from the file.
Modify data of Full request body
# Get Data:
r = self._helpers.analyzeRequest(content)
headers = r.getHeaders()
body = content[r.getBodyOffset():]
# Your logic code
# Return Data:
self.txtInput.setText(self._helpers.buildHttpMessage(headers, body))
Modify data of any Parameter
# Get Data:
parameter = self._helpers.getRequestParameter(content, "param_name")
data = self._helpers.urlDecode(parameter.getValue())
# Your logic code (produces new_value from data)
new_value = data
# Return Data: rebuild the parameter with the same name and type, update it in the request, and show the result
updated = self._helpers.buildParameter(parameter.getName(), self._helpers.urlEncode(new_value), parameter.getType())
self.txtInput.setText(self._helpers.updateParameter(content, updated))
Modify data of any Header
if messageIsRequest:
    request = messageInfo.getRequest()          # raw request bytes
    info = self._helpers.analyzeRequest(request)
    headers = list(info.getHeaders())           # copy into a mutable Python list
    for i, header in enumerate(headers):
        if header.startswith("Authorization: "):
            headers[i] = "Authorization: Basic admin:password"  # placeholder; real Basic auth carries base64("user:password")
            break
    else:  # no Authorization header present: add one
        headers.append("Authorization: Basic admin:password")
    body = request[info.getBodyOffset():]
    messageInfo.setRequest(self._helpers.buildHttpMessage(headers, body))
Get Help from AI (i.e. ChatGPT)
Ref: https://chat.openai.com/chat
Show Errors Prettier while writing code
Refer: https://github.com/securityMB/burp-exceptions
Thank You
Jagdish Jogal
jagdish@net-square.com