{"id":13845152,"url":"https://github.com/depycode/burpsuite_hack","last_synced_at":"2025-07-12T01:31:50.372Z","repository":{"id":90562216,"uuid":"597979083","full_name":"depycode/burpsuite_hack","owner":"depycode","description":"一款代理扫描器","archived":false,"fork":false,"pushed_at":"2023-05-05T15:14:09.000Z","size":353,"stargazers_count":516,"open_issues_count":7,"forks_count":64,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-11-21T18:38:56.275Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/depycode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-02-06T06:02:18.000Z","updated_at":"2024-11-18T06:54:06.000Z","dependencies_parsed_at":"2023-07-09T03:15:06.740Z","dependency_job_id":null,"html_url":"https://github.com/depycode/burpsuite_hack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/depycode/burpsuite_hack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/depycode%2Fburpsuite_hack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/depycode%2Fburpsuite_hack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/depycode%2Fburpsuite_hack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/depycode%2Fburpsuite_hack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/depycode","download_url":"https://codeload.github.com/depycode/burpsuite_hack/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/depycode%2Fburpsuite_hack/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264923078,"owners_count":23683716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:03:14.548Z","updated_at":"2025-07-12T01:31:49.808Z","avatar_url":"https://github.com/depycode.png","language":"Python","readme":"# burpsuite_hack\n一款代理扫描器\n\n- 适配python3.6+ \n\n- 支持 GET/POST/无限嵌套json、list的漏洞探测\n\n- 扫描请求去重\n\n- 基本不会触发WAF,最小化探测\n\n详细请见:https://www.cnblogs.com/depycode/p/17079397.html\n# 整体架构\n![image](https://github.com/depycode/burpsuite_hack/blob/master/p2.png)\n\n# 使用方法\n- burpsuite 插件加载:BurpExtender_ALL_UI.py ,修改socks host、port 为扫描端对应的ip和端口,然后点击set\n![image](https://github.com/depycode/burpsuite_hack/blob/master/p1.png)\n![image](https://github.com/depycode/burpsuite_hack/blob/master/p4.png)\n\n- 扫描端启动\n```\nnohup python3 MyUDPHandler_Threads.py \u0026\n```\n\n# 创建数据库\n\n```\n+--------------------+\n| Tables_in_burphack |\n+--------------------+\n| sql_bool |\n| sql_error |\n| ssrf |\n+--------------------+\n```\n\n```\n+----------+-------------------------------------------------------------------+\n| Database | Create Database |\n+----------+-------------------------------------------------------------------+\n| burphack | CREATE DATABASE `burphack` /*!40100 DEFAULT CHARACTER SET utf8 */ |\n+----------+-------------------------------------------------------------------+\n```\n\n```\n+----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n| Table | Create Table |\n+----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n| sql_bool | CREATE TABLE `sql_bool` (\n `id` int(11) NOT NULL AUTO_INCREMENT,\n `host` varchar(255) NOT NULL,\n `risk` int(11) NOT NULL,\n `bool_true_resp` mediumtext NOT NULL,\n `bool_true_req` mediumtext NOT NULL,\n `bool_false_resp` mediumtext,\n `bool_false_req` mediumtext,\n `first_resp` mediumtext NOT NULL,\n `payload` varchar(255) NOT NULL,\n `first_req` mediumtext NOT NULL,\n `create_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP,\n PRIMARY KEY (`id`)\n) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COMMENT='bool型sql注入' |\n+----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n```\n\n```\n+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n| Table | Create Table |\n+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n| sql_error | CREATE TABLE `sql_error` (\n `id` int(11) NOT NULL AUTO_INCREMENT,\n `request_data` mediumtext,\n `response` mediumtext,\n `host` varchar(255) DEFAULT NULL,\n `dbms` varchar(255) DEFAULT NULL,\n `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n PRIMARY KEY (`id`)\n) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 |\n+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n```\n\n```\n+-------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n| Table | Create Table |\n+-------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n| ssrf | CREATE TABLE `ssrf` (\n `id` int(11) NOT NULL AUTO_INCREMENT,\n `payload` varchar(255) DEFAULT NULL,\n `request_data` mediumtext,\n `response` mediumtext,\n `host` varchar(255) DEFAULT NULL,\n `is_vul` int(11) DEFAULT '0' COMMENT '0 默认值\\n1 存在漏洞',\n `create_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP,\n `vuType` int(11) DEFAULT NULL COMMENT '1 ssrf\\n2 rce',\n PRIMARY KEY (`id`)\n) ENGINE=InnoDB AUTO_INCREMENT=16625 DEFAULT CHARSET=utf8 COMMENT='历史ssrf探测请求' |\n+-------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+\n```\n\n# 实战成果\n- TSRC\n\n![image](https://github.com/depycode/burpsuite_hack/blob/master/p3.png)\n\n# 参考\n- https://github.com/w-digital-scanner/w13scan\n","funding_links":[],"categories":["burpsuite插件","Python"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdepycode%2Fburpsuite_hack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdepycode%2Fburpsuite_hack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdepycode%2Fburpsuite_hack/lists"}