{"id":14638170,"url":"https://github.com/devoteam-cybertrust/burpcollaborator-docker","last_synced_at":"2026-04-09T19:07:13.974Z","repository":{"id":71559609,"uuid":"131403380","full_name":"devoteam-cybertrust/burpcollaborator-docker","owner":"devoteam-cybertrust","description":"This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate. The objective is to simplify as much as possible the process of setting up and maintaining the server.","archived":false,"fork":false,"pushed_at":"2024-07-14T01:17:56.000Z","size":28,"stargazers_count":279,"open_issues_count":2,"forks_count":42,"subscribers_count":11,"default_branch":"master","last_synced_at":"2024-10-29T16:58:47.151Z","etag":null,"topics":["burp-collaborator-server","docker","letsencrypt-certificates"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devoteam-cybertrust.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-04-28T11:21:42.000Z","updated_at":"2024-08-12T19:38:07.000Z","dependencies_parsed_at":"2023-02-22T19:16:16.977Z","dependency_job_id":"43b37460-4c38-4159-acaf-9ca4895df8f4","html_url":"https://github.com/devoteam-cybertrust/burpcollaborator-docker","commit_stats":null,"previous_names":["devoteam-cybertrust/burpcollaborator-docker","integrity-sa/burpcollaborator-docker"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/devoteam-cybertrust/burpcollaborator-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devoteam-cybertrust%2Fburpcollaborator-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devoteam-cybertrust%2Fburpcollaborator-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devoteam-cybertrust%2Fburpcollaborator-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devoteam-cybertrust%2Fburpcollaborator-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devoteam-cybertrust","download_url":"https://codeload.github.com/devoteam-cybertrust/burpcollaborator-docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devoteam-cybertrust%2Fburpcollaborator-docker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274005341,"owners_count":25205934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["burp-collaborator-server","docker","letsencrypt-certificates"],"created_at":"2024-09-10T02:01:49.412Z","updated_at":"2026-04-09T19:07:13.860Z","avatar_url":"https://github.com/devoteam-cybertrust.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# Burp Collaborator Server docker container with LetsEncrypt certificate\n\nThis repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate.\nThe objective is to simplify as much as possible the process of setting up and maintaining the server.\n\n## Setup your domain\nDelegate a domain or subdomain to your soon-to-be burp collaborator server IP address. At the minimum you'll need an NS record for the domain/subdomain to be used.  \n\nFor example, if your collaborator domain is `burpserver.example`, you need to make NS records pointing with an A record to the public IP of the server: `1.2.3.4`\n\nHere as an example `dig` command to confirm:\n```bash\ndig NS burpserver.example\n\nOutput:\n; \u003c\u003c\u003e\u003e DiG 9.10.6 \u003c\u003c\u003e\u003e NS burpserver.example\n;; global options: +cmd\n;; Got answer:\n;; -\u003e\u003eHEADER\u003c\u003c- opcode: QUERY, status: NOERROR, id: 49449\n;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3\n\n;; OPT PSEUDOSECTION:\n; EDNS: version: 0, flags:; udp: 4000\n;; QUESTION SECTION:\n;burpserver.example.                       IN      NS\n\n;; ANSWER SECTION:\nburpserver.example.                308     IN      NS      ns2.burpserver.example.\nburpserver.example.                308     IN      NS      ns1.burpserver.example.\n\n;; ADDITIONAL SECTION:\nns2.burpserver.example.            308     IN      A       1.2.3.4\nns1.burpserver.example.            308     IN      A       1.2.3.4\n\n;; Query time: 52 msec\n;; SERVER: 8.8.8.8#53(8.8.8.8)\n;; WHEN: Fri Jul 12 11:20:29 EDT 2024\n;; MSG SIZE  rcvd: 104\n```\n\nCheck https://portswigger.net/burp/documentation/collaborator/deploying#dns-configuration for further info.\n\n## Requirements\n\n* Internet accessible server \n* bash\n* docker\n* bc \n* openssl\n* Burp Suite Professional\n\n## Setup the environment \n\n* Clone or download the repository to the server (tested on ubuntu 16.04) to a directory of your choice.\n* Put the Burp Suite JAR file in ```./burp/pkg/burp.jar``` (make sure the name is exactly ```burp.jar```, and it is the actual file **not a link**)\n* Run init.sh with your subdomain and server public IP address as argument:\n\n```./init.sh burp.example.com 1.2.3.4```\n\nThis will start the environment for the subdomain ```burp.example.com```, creating a wildcard certificate as ```*.burp.example.com```.\n\nI'm using an ugly hack on the certbot-dns-cloudflare plugin from certbot, where it just runs a local dnsmasq with the required records, and makes\nall of this automagically happen.\n\nIf everything is OK, burp will start with the following message:\n\n\u003e Burp is now running with the letsencrypt certificate for domain *.burp.example.com\n\nYou can check by running ```docker ps```, and going to burp, and pointing the collaborator configuration to your new server. \nKeep it mind that this configuration configures the *polling server on port 9443*.\n\nThe init.sh script will be renamed and disabled, so no accidents may happen.\n\n## Certificate renewal\n\n* There's a renewal script in ```./certbot/certificaterenewal.sh```. When run, it renews the certificate if it expires in 30 days or less;\n* Optionally, edit the RENEWDAYS variable if you wish to. By default it will renew the certificate every 60 days. *If you want to force the renewal to check if everything is working, just set it to 89 days, and run it manually. Remember to set it back to 60 afterwards.*;\n* Set your crontab to run this script once a day.\n\n## Updating Burp Suite\n\n* Download it and make sure you put it in ```./burp/pkg/burp.jar```\n* Restart the container with ```docker restart burp```\n\n## Docker and UFW\nIf you use UFW/IPTables as your firewall on the host, both UFW and docker modify the same [iptables](https://en.wikipedia.org/wiki/Iptables \"iptables\") configurations. Whatever UFW rules you have set, running a docker container completely ignores them and allows traffic, regardless of whether you explicitly block access. In order to fix the issue and be able to use UFW properly with docker, read this: \n\nhttps://blog.jarrousse.org/2023/03/18/how-to-use-ufw-firewall-with-docker-containers/\n\nThese instructions assume you have the default docker set up and didn't try to fix the problem yourself yet.\n**Download `ufw-docker` script**\n```bash\nsudo wget -O /usr/local/bin/ufw-docker https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker\nsudo chmod +x /usr/local/bin/ufw-docker\n```\n\nThen using the following command to modify the `after.rules` file of `ufw`\n```bash\nufw-docker install\n```\n\nreboot the host and check if you can access the ports of your container.\n\nNow allow the traffic to the ports on the containers\n- Use the actual port thats open on the container, not the one its binded to on the host\n- `burp` is the container name, so thats what we use with below command\n```bash\ndocker ps -a\nsudo ufw-docker allow burp 8443\n```\n\u003cimg width=\"1718\" alt=\"Pasted image 20240713201717\" src=\"https://github.com/user-attachments/assets/be02f47e-5088-4d55-a5fa-ae3e9b137430\"\u003e\n\nI have provided the commands conventiently for you here:\n```bash\nsudo ufw-docker allow burp 8053\nsudo ufw-docker allow burp 8053/udp\nsudo ufw-docker allow burp 8080\nsudo ufw-docker allow burp 8443\nsudo ufw-docker allow burp 8465\nsudo ufw-docker allow burp 8587\nsudo ufw-docker allow burp 8080\n```\n\nI HIGHLY recommend restricting access to your polling port from an IP address or network. Don't allow the general internet to use your burp collab server for free!\n- `your_whitelisted_ip` is your public IP to allow access from\n- `your_containers_local_ip` is 172.x.x.x\n\n```bash\nufw route allow proto tcp from your_whitelisted_ip to your_containers_local_ip port 9443\n```\n\nYou should be good to go and have your UFW locked down!\n\n---\n**Author:** [Bruno Morisson](https://twitter.com/morisson)\n\nThanks to [Fábio Pires](https://twitter.com/fabiopirespt) (check his burp collaborator w/letsencrypt [tutorial](https://blog.fabiopires.pt/running-your-instance-of-burp-collaborator-server/)) and [Herman Duarte](https://twitter.com/hdontwit) (for betatesting and fixes)\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevoteam-cybertrust%2Fburpcollaborator-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevoteam-cybertrust%2Fburpcollaborator-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevoteam-cybertrust%2Fburpcollaborator-docker/lists"}