Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/synfron/ReshaperForBurp
Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
https://github.com/synfron/ReshaperForBurp
burp http modify reshaper rules traffic
Last synced: 3 months ago
JSON representation
Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
- Host: GitHub
- URL: https://github.com/synfron/ReshaperForBurp
- Owner: synfron
- License: mit
- Created: 2020-11-26T23:11:50.000Z (over 3 years ago)
- Default Branch: release
- Last Pushed: 2024-03-31T14:04:01.000Z (3 months ago)
- Last Synced: 2024-04-01T14:45:22.555Z (3 months ago)
- Topics: burp, http, modify, reshaper, rules, traffic
- Language: Java
- Homepage: https://synfron.github.io/ReshaperForBurp/
- Size: 949 KB
- Stars: 76
- Watchers: 2
- Forks: 10
- Open Issues: 2
-
Metadata Files:
- Readme: Readme.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Lists
- awesome-burp-extensions - Reshaper for Burp - Extension for Burp Suite to trigger actions and reshape HTTP request and response traffic using configurable rules (Custom Features)
- awesome-burp-extensions - Reshaper for Burp - Extension for Burp Suite to trigger actions and reshape HTTP request and response traffic using configurable rules (Custom Features)
README
# Reshaper for Burp
Extension for Burp Suite to trigger actions and reshape HTTP request/response and WebSocket traffic using configurable Rules
![Screenshot](https://user-images.githubusercontent.com/48854453/206939994-3cf7beb7-61bb-4f12-8b7b-10239e4d0281.png)
[Example Usage](https://synfron.github.io/ReshaperForBurp/Examples.html)
## Rules
Rules allow you to set actions to perform (called Thens) if messages/connections (event) received by Burp Suite meet certain criteria (called Whens). Rules are processed in order.
[More](https://synfron.github.io/ReshaperForBurp/Rules.html)
### Whens
Content Type - If the HTTP request body is reported to match specified content types
Event Direction - If the HTTP message is a Request or Response, or if the WebSocket message is directed toward the client or server
From Tool - If the HTTP/WebSocket message is from a specific Burp tool
Has Entity - If the HTTP/WebSocket event contains a certain message value entity
In Scope - If the URL is in the suite-wide scope
Matches Text - If a value (text, variable, or HTTP/WebSocket message value entity) matches a value
Message Type - If the WebSocket message is text or binary
MIME Type - If the HTTP response body is reported to match specified MIME types
Proxy Name - If received by a certain Burp proxy listener
Repeat - Repeat a group of When constraints for each item in a list
[More](https://synfron.github.io/ReshaperForBurp/Rules.html#whens)
### Thens
Break - Stop Rules or then action processing
Build HTTP Message - Build an HTTP request or response message and store the full text in a variable
Comment - Add a comment to the line item in the HTTP/WebSocket history
Delay - Delay further processing/sending of the HTTP/WebSocket event
Delete Value - Remove an HTTP message entity
Delete Variable - Delete a variable
Drop - Have Burp drop the connection
Evaluate - Perform operations on values
Highlight - Highlight the line item in the HTTP/WebSocket history
Intercept - Intercept the message in the Proxy interceptor
Log - Log message to the Burp extension console
Parse HTTP Message - Extract values from an HTTP request or response message and store the values in variable
Prompt - Get text via a prompt dialog
Read File - Read a file
Repeat - Repeat a group of Then actions by count, boolean value, or for each item in a list
Run Process - Execute a command in a separate process
Run Rules - Run a specific Rule or all auto-run Rules
Run Script - Execute a JavaScript script
Save File - Save text to a file
Set Encoding - Set the encoding used to read and write bytes of the HTTP request or response body, or WebSocket message
Set Event Direction - Change whether to send a request or to send a response at the end of processing
Set Value - Set the value of an HTTP/WebSocket event using another value (text, variable, or HTTP/WebSocket event entity)
Set Variable - Set a variable using another value (text, variable, or HTTP/WebSocket event entity)
Send Message - Send a separate WebSocket message
Send Request - Send a separate HTTP request
Send To - Send data to other Burp tools or the system's default browser
[More](https://synfron.github.io/ReshaperForBurp/Rules.html#thens)
## Variables
Share values across different Rules while processing the same event or all events.
[More](https://synfron.github.io/ReshaperForBurp/Variables.html)
## Development
### Build JAR with IntelliJ
1. Open IntelliJ.
2. Create a new project (Gradle) from existing source using Java 17.
3. Once the project is created/open, wait for IntelliJ to process Gradle dependencies.
4. Run the `jar` Gradle build task from the Gradle tool window/sidebar. The JAR will be placed in the `build\libs` directory.### Build JAR with CLI
1. Install Java 17.
2. Install Gradle v7.4.
3. Run the `gradle --refresh-dependencies build` command.
4. Run the `gradle build jar` command. The JAR will be placed in the `build\libs` directory.### Debugging
#### IntelliJ
1. Apply this [git patch](https://gist.github.com/ddwightx/6965732339bdf4cd022d550f40a9e99f) to the project to allow Reshaper to be debugged as a legacy extension in Burp Suite.
2. In Reshaper, using the Settings tab, export all Rules and global variables to a JSON file to prevent data loss.
3. In Extender, unload the Reshaper extension from Burp Suite if you already have the extension installed from the BApp Store or from a JAR.
4. Close Burp Suite.
5. Open the Reshaper project in IntelliJ.
6. Navigate to `java/synfron/reshaper/burp/ui/Window.java`.
7. Right-click the file in the Project view and click `Run Window.main()` or `Run Window.main()`.
8. Burp Suite will open with Reshaper loaded as an legacy extension.#### CLI
1. Apply this [git patch](https://gist.github.com/ddwightx/6965732339bdf4cd022d550f40a9e99f) to the project to allow Reshaper to be debugged as a legacy extension in Burp Suite.
2. In Reshaper, using the Settings tab, export all Rules and global variables to a JSON file to prevent data loss.
3. In Extender, unload the Reshaper extension from Burp Suite if you already have the extension installed from the BApp Store or from a JAR.
4. Close Burp Suite.
5. In a CLI, execute `java -cp path/to/the/reshaper-for-burp/JAR/file.jar synfron.reshaper.burp.ui.Window`.
6. Burp Suite will open with Reshaper loaded as a legacy extension.## Contributions
Contributions are encouraged. Issues and Pull Requests welcome. Also help us spread the word.
Primary Developer: Daquanne Dwight
## Support
For help with how to use Reshaper for a particular need, to report a bug, or to make a suggestion, create an issue in GitHub or email support[at]synfron.com.
## License
MIT License. See [LICENSE](https://github.com/synfron/ReshaperForBurp/blob/master/LICENSE)