https://github.com/NetSPI/JSWS

JavaScript Web Service Proxy Burp Plugin
https://github.com/NetSPI/JSWS

Last synced: about 1 month ago
JSON representation

JavaScript Web Service Proxy Burp Plugin

• Host: GitHub
• URL: https://github.com/NetSPI/JSWS
• Owner: NetSPI
• Created: 2017-02-13T16:10:47.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2017-02-15T15:27:10.000Z (almost 8 years ago)
• Last Synced: 2024-08-02T00:23:09.610Z (4 months ago)
• Language: Java
• Size: 353 KB
• Stars: 7
• Watchers: 8
• Forks: 9
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-burp-extensions - JSWS - Burp Extenstion to parse JavaScript WebService Proxies and create sample requests. (Web Services / SSRF)

README

        
# JSWS

Burp Extenstion to parse JavaScript WebService Proxies and create sample requests.

The blog explaining JSWS and the use case can be found at https://blog.netspi.com/attacking-javascript-web-service-proxies-burp/

## Download

The plugin can be downloaded from the releases tab and loaded into Burp under the Extender tab.

## Use

Right click a request or response containing the JSWS and select Parse JSWS.

![alt-tag](https://blog.netspi.com/wp-content/uploads/2017/02/parse-JSWS.png)

This will send the request to the JSWS tab and parse out all possible reqeusts.

![alt-tag](https://blog.netspi.com/wp-content/uploads/2017/02/JSWS-tab.png)

From this tab you can send any of the newly crafted requests to Repeater, Scanner, Intruder, etc.