Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/portswigger/replicator
Burp extension to help developers replicate findings from pen tests
https://github.com/portswigger/replicator
Last synced: about 2 months ago
JSON representation
Burp extension to help developers replicate findings from pen tests
- Host: GitHub
- URL: https://github.com/portswigger/replicator
- Owner: PortSwigger
- Created: 2018-02-09T12:20:17.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2024-04-15T15:09:40.000Z (2 months ago)
- Last Synced: 2024-04-15T16:37:14.639Z (2 months ago)
- Language: Java
- Size: 124 KB
- Stars: 70
- Watchers: 10
- Forks: 17
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
Lists
- awesome-burp-extensions - Burp Replicator - Burp extension to help developers replicate findings from pen tests. (Logging and Notes / Template Injection)
- awesome-burp-suite - **58**星
- awesome-burp-extensions - Burp Replicator - Burp extension to help developers replicate findings from pen tests. (Logging and Notes / Template Injection)
- awesome-burp-extensions - Burp Replicator - Burp extension to help developers replicate findings from pen tests. (Logging and Notes / Template Injection)
- awesome-burp-suite - **58**星
README
# Replicator
Replicator is a Burp extension that helps developers to reproduce issues discovered by pen testers. The pen tester produces a Replicator file
which contains the findings in the report. Each finding includes a request, associated session rules or macros, and
logic to detect presence of the vulnerability. The tester sends the Replicator file to the client alongside the report.
Developers can then open the file within Burp and replicate the issues. When vulnerabilities have been fixed, Replicator
provides confirmation that the attack vector used in the pen test is now blocked. A retest is still recommended, in
case alternative attack vectors remain exploitable.
For further details, look in BappDescription.html