https://github.com/doyensec/PESD-Exporter-Extension
PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
Last synced: 10 months ago
- Host: GitHub
- URL: https://github.com/doyensec/PESD-Exporter-Extension
- Owner: doyensec
- License: apache-2.0
- Created: 2023-02-14T16:43:19.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2024-01-30T14:44:17.000Z (almost 2 years ago)
- Last Synced: 2024-04-28T04:35:12.728Z (over 1 year ago)
- Language: HTML
- Homepage:
- Size: 3.09 MB
- Stars: 88
- Watchers: 5
- Forks: 8
- Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# PESD Exporter - Burp Suite Extension
Generate security-oriented sequence diagrams and fine-grained parsed traffic from Burp Suite Proxy history.
This extension is based on the Proxy Enriched Sequence Diagrams (PESD) format.
Discover the format [here](mds/Format.md) and read the launch post on our [doyensec blog](https://blog.doyensec.com/2023/02/14/pesd-extension-public-release.html).
The exporter handles Burp Suite Proxy's traffic conversion to PESD format and offers the possibility to execute templates that will enrich the resulting exports.
## Extension Usage
Select and send specific traffic entries from Burp Suite Tabs to the Exporter tab.
Specify a mode of operation for the export:
- **Domains as Actors** - Each domain involved in the traffic is represented as an actor in the diagram. Suitable for multi-domain flow analysis
- **Endpoints as Actors** - Each endpoint (path) involved in the traffic is represented as an actor in the diagram. Suitable for single-domain flow analysis
Auto-Export is enabled by default: sending items to the extension directly results in an export. The user is redirected to the Browser view, and the items are cleared from the extension after the export.
## Export Capabilities
- **Expandable Metadata**. Underlined flags can be clicked to show the underlying metadata from the traffic in a scrollable popover
- **Masked Randoms in URL Paths**. UUIDs and pseudorandom strings recognized inside path segments are mapped to variable names `` / ``. Re-rendering reshapes the diagram to improve flow readability. Every occurrence of the same value keeps the same name
- **Notes**. Comments from Burp Suite are converted to notes in the resulting diagram. Use `<br>` in Burp Suite comments to obtain multi-line notes in PESD exports
- **Theme**. Use [MermaidJS theme](https://mermaid.js.org/config/theming.html?#theme-variables) variables to build your own sequence diagram style set in the extension
- **Embedded MD editor**. Edit the generated diagram directly in the export to add details (e.g. internal calls to microservices, notes, everything allowed by MermaidJS)
- **Highlight colors from Burp Suite** are ported to the sequence diagram arrow colors
- **Invert Proxy History order**. If you have the last request on top, activate it
- **Save as**: `SVG`, `Markdown`, `JSON` metadata, explorable `HTML`
## Extending the diagram, syntax and metadata with Templates
By default, a generic diagram follows the basic [PESD syntax](mds/Format.md#base-diagram-syntaxes).
PESD Exporter supports syntax and metadata extension via template execution.
#### What is a Template?
Templates are iterations that occur on the basic PESD object in order to enrich its content by:
- Adding new Flags or modifying existing ones
- Framing sections of the resulting diagram. Read about [MermaidJS Alt Syntax](https://mermaid-js.github.io/mermaid/#/sequenceDiagram?id=alt).
- Enriching the metadata with new findings
***Approach Idea:*** Users can leverage this extensibility to parse the metadata and markdown and add new value to both of them through new logic.
#### Currently Implemented Templates
The extension currently supports the following templates:
- **OAuth2 / OpenID Connect.** The template matches standard OAuth2/OpenID Connect flows and adds related flags + flow frame.
OAuth2 supported flows: Implicit Grant and Code Grant. OpenID supported flows: Code Grant, Implicit Grant and Hybrid flow.
Respectively based on [rfc6749](https://datatracker.ietf.org/doc/html/rfc6749) and [openid-connect-core-1_0](https://openid.net/specs/openid-connect-core-1_0.html)
- **SAML SSO**. The template matches Single-Sign-On flows with SAML V2.0 and adds related flags + flow frame.
Based on [SAML V2.0](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html#5.1.Web%20Browser%20SSO%20Profile|outline), supported flows:
- SP-initiated SSO using a Redirect Binding for the SP-to-IdP message and a POST Binding for the IdP-to-SP message
- SP-initiated SSO using a POST Binding for the message and an Artifact Binding for the message
- IDP-initiated SSO using a POST Binding for the IdP-to-SP message; no SP-to-IdP message is involved.
Template matching example for *SAML SP-initiated SSO with redirect POST*:
#### Development
- Clone the repository
- Import it in Netbeans / your preferred IDE
- Run **gradle build fatjar** to compile the extension
- Import the compiled JAR in `build/libs/pesd-exporter-all.jar`
#### How to write new templates
Find the [template implementation guide](mds/WritingTemplates.md).
## Credits
*Author and Maintainer:* Francesco Lacerenza ([@lacerenza_fra](https://twitter.com/lacerenza_fra))
This project was made with love in the [Doyensec Research island](https://doyensec.com/research.html) during the [internship with 50% research time](https://blog.doyensec.com/2019/11/05/internship-at-doyensec.html).