{"id":18789735,"url":"https://github.com/jimmy-ly00/burp-extensions","last_synced_at":"2026-05-03T15:34:04.834Z","repository":{"id":181402337,"uuid":"361967399","full_name":"jimmy-ly00/burp-extensions","owner":"jimmy-ly00","description":"A collection of burp extensions","archived":false,"fork":false,"pushed_at":"2021-08-06T14:18:31.000Z","size":21,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-21T13:18:11.457Z","etag":null,"topics":["burp","burp-extensions","burp-plugin","burpsuite-tools","http-header","http-headers","python","subprocess","subprocesses"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jimmy-ly00.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2021-04-27T03:22:52.000Z","updated_at":"2024-09-29T00:00:20.000Z","dependencies_parsed_at":"2023-07-15T11:39:15.829Z","dependency_job_id":null,"html_url":"https://github.com/jimmy-ly00/burp-extensions","commit_stats":null,"previous_names":["jimmy-ly00/burp-extensions"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jimmy-ly00/burp-extensions","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimmy-ly00%2Fburp-extensions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimmy-ly00%2Fburp-extensions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimmy-ly00%2Fburp-extensions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimmy-ly00%2Fburp-extensions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jimmy-ly00","download_url":"https://codeload.github.com/jimmy-ly00/burp-extensions/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jimmy-ly00%2Fburp-extensions/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32575111,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T06:36:36.687Z","status":"ssl_error","status_checked_at":"2026-05-03T06:36:09.306Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["burp","burp-extensions","burp-plugin","burpsuite-tools","http-header","http-headers","python","subprocess","subprocesses"],"created_at":"2024-11-07T21:08:30.704Z","updated_at":"2026-05-03T15:34:04.815Z","avatar_url":"https://github.com/jimmy-ly00.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Burp Extensions\nA collection of burp extensions that may be useful for others. These are required to be cleaned and tested, and will contain bugs!\n\n## Instructions\n1. Add via Extender \u003e Add \u003e Extension Type: Python \n2. Project Options \u003e Sessions \u003e Under 'Session Handling Rules' \u003e Add  \u003e Under 'Rule Actions' \u003e Add \u003e Invoke a Burp Extension \u003e Select 'burp-external-crypto-header.py'. Ensure 'Tool Scope' and 'URL Scope' has been specified.\n\n## Tools\n### burp-external-crypto-header\nAdds custom headers, one which requires using cryptographic signing (RSA). To overcome Jython limitations, it calls an extenal program to perform cryptographic functions using python subprocess and crypto packages. It then returns the output to the Burp extension to be processed and added as a HTTP header.\n\nJython has issues calling cryptographic libraries, or in fact any built-in library written in C, see the following link: https://www.jython.org/jython-old-sites/docs/library/indexprogress.html. We also cannot use packages such as pycryptodome that needs to be pip installed. There are three ways to overcome this:\n\n1. Use Python subprocess to tell your extension to run an external (python) program which removes the limitation as it runs on your local python now.\n2. Import and use Java functions in Python: https://parsiya.net/blog/2018-12-24-cryptography-in-python-burp-extensions/#aes-cfb-nopadding.\n3. Create the extension on Java instead.\n\nThis extension uses method 1. The main drawback would be I/O limitations as it uses subprocesses.\n\n### burp-hash-header\nUses hashlib to add a custom header which is a hash of the header and parameters\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjimmy-ly00%2Fburp-extensions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjimmy-ly00%2Fburp-extensions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjimmy-ly00%2Fburp-extensions/lists"}