Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/d3k4z/burp-copy-as-ffuf

Burp Extension that copies a request and builds a FFUF skeleton
https://github.com/d3k4z/burp-copy-as-ffuf

burp burp-extensions burpsuite ffuf jython

Last synced: 21 days ago
JSON representation

Burp Extension that copies a request and builds a FFUF skeleton

Awesome Lists containing this project

README

        

# Burp Extension: Copy As FFUF

![](images/demo.png)

## Description

`ffuf` ([https://github.com/ffuf/ffuf](https://github.com/ffuf/ffuf)) is gaining a lot of traction within the infosec community as a fast portable web fuzzer. It has been compared and aligned (kinda) to Burp's Intruder functionality. Thus, `Copy As FFUF` is trying to build that interoperatability bridge between the two.

## Features

- [X] Piping the copied request to a `request.http` file and build a skeleton `ffuf` command

## TODO

- [ ] Extend the functionality with additional right-click menu items, like:
- [ ] Create a `Copy as FFUF` submenu
- [ ] Copy request and use Burp proxy for verification `Copy as FFUF skeleton, verify via Burp"`
- [ ] Copy request and use Burp proxy for the attack `Copy as FFUF skeleton, proxy via Burp"`

- [ ] Maybe add a simple UI allowing to configure a path to wordlists

## Requirements

- Python environment / Jython for Burp Suite

## Installation

- Check if jython standalone is present in `Extender -> Options -> Python Environment`
- Load the extention `Extender -> Extensions -> Add -> select path to CopyAsFFUF.py`

> Hopefully at some point PortSwigger with make it available in the bApp store

## Known Issue

TODO

## Author

- d3k4z

## Credits

- [burp-copy-requests-response](https://github.com/CompassSecurity/burp-copy-request-response)