![]() This is the general design pattern for the new Montoya API. When Burp loads your extension, it passes a MontoyaApi object to the initialize method in your code, which then becomes your extension’s handle for interacting with Burp Suite. Like all new Burp extensions, we need to define a new interface that implements the BurpExtension class (1) and has an initialize method that accepts a MontoyaApi object (2). Numbers in the following paragraphs correspond to those in the screenshot below. Let’s start taking a look at our code and the basic ingredients we’ll need for a functional extension. In my use case, Username and Password options are never used, so they have been omitted in the SOCKS Settings extension to reduce on-screen clutter: The stock settings page can be seen below. ![]() SOCKS Settingsīurp’s SOCKS Proxy settings page is already quite good and offers all the configuration options that we want, so for this extension, we’re primarily focused on re-implementing the existing functionality into a new “SOCKS Settings” tab. I think that the Burp Extension ecosystem has a lot of room for these Quality-of-Life-type improvements, and I hope by the end of the tour you’ll have the confidence to develop a new extension and make your life a little easier too. In this article, we’ll take a tour of the features of the extension and discuss some tips for folks new to the Montoya API and NetBeans GUI development. To make SOCKS settings available in a single click, I have developed the SOCKS Settings extension seen below. Burp’s Settings page is intuitive and easy to use, but accessing the SOCKS-specific settings requires three-clicks-and-a-scroll that becomes a bit of a nuisance. As a web application pentester frequently conducting tests over SOCKS proxies, I create new Burp projects and reconfigure Burp’s SOCKS Proxy Settings almost each day, and often multiple times per day. If you have been using Burp Suite for a while, you probably have some ideas for small features or tweaks to improve your everyday Quality-of-Life experience. Improving Quality-Of-Life With Simple Burp Suite Extensions (Part One)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |