Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Ebryx/SRePlay
Burpsuite Plugin to bypass strict RePlay protection
https://github.com/Ebryx/SRePlay
burp burp-extensions burp-plugin burpsuite burpsuite-extender burpsuite-tools
Last synced: 22 days ago
JSON representation
Burpsuite Plugin to bypass strict RePlay protection
- Host: GitHub
- URL: https://github.com/Ebryx/SRePlay
- Owner: Ebryx
- License: mit
- Created: 2021-04-14T16:26:09.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2021-04-23T22:11:01.000Z (over 3 years ago)
- Last Synced: 2024-08-05T17:37:05.886Z (4 months ago)
- Topics: burp, burp-extensions, burp-plugin, burpsuite, burpsuite-extender, burpsuite-tools
- Language: Java
- Homepage:
- Size: 21.5 KB
- Stars: 10
- Watchers: 3
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - Ebryx/SRePlay - Burpsuite Plugin to bypass strict RePlay protection (Java)
README
# SRePlay (Strict RePlay)
[![Open Source Love](https://badges.frapsoft.com/os/v1/open-source.svg?v=102)](https://github.com/ellerbrock/open-source-badge/)
[![GitHub version](https://d25lcipzij17d.cloudfront.net/badge.svg?id=gh&type=0.2&v=1.0&x2=0)](http://badge.fury.io/gh/boennemann%2Fbadges)
[![Open Source Love](https://badges.frapsoft.com/os/mit/mit.svg?v=102)](https://github.com/ellerbrock/open-source-badge/)**Burpsuite Plugin to bypass RePlay protection**
### Requirements
- Burpsuite### How to Install
Download Latest Jar from Release and add in burpsuite extender### What it does
It is design for a scenario where we can't replay requests more than once as the request is getting Token from previous request's response and also when we can't make request with macros to get the token- It will extract the value of token from the last response and automatically update the request with the new token on the fly
### Usage Guide
The detailed usage guide can be found SRePlay - Bypass Replay Protection.
### How it works
- Provide `Host URL`
- Provide `Response parameter name`
- Provide `Request parameter name`
- Provide `Parameter Initial Value`
- Press `Start SRePlay`### SRePlay in Action
### Limitation
- Will only work with single thread on Scanner and Intruder### Tested on
- Burpsuite 2021.4
- Windows 10
- Ubuntu & PopOS### Improvements
- Multi-session / threading support