https://github.com/nccgroup/BurpImportSitemap
Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap
https://github.com/nccgroup/BurpImportSitemap
Last synced: about 1 month ago
JSON representation
Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap
- Host: GitHub
- URL: https://github.com/nccgroup/BurpImportSitemap
- Owner: nccgroup
- License: agpl-3.0
- Created: 2020-05-05T09:48:43.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2023-01-11T15:11:26.000Z (over 2 years ago)
- Last Synced: 2024-08-02T00:23:16.406Z (10 months ago)
- Language: Java
- Homepage:
- Size: 753 KB
- Stars: 6
- Watchers: 5
- Forks: 7
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-burp-extensions - Import To Sitemap - Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap. (Tool Integration / SSRF)
README
# Import To Sitemap Extension
Import To Sitemap is a [Burp Suite](https://portswigger.net/burp) Extension to import [wstalker](https://github.com/nccgroup/wstalker) CSV file or [ZAP](ZAP.md) export file into Burp Sitemap. It also includes a contextual menu to send request/response items from any tab to the sitemap.
## License
Released as open source by NCC Group Plc - https://www.nccgroup.com/
Developed by Jose Selvi [](https://twitter.com/JoseSelvi/)
https://github.com/nccgroup/BurpImportSitemap
Released under AGPL see [LICENSE](LICENSE) for more information
## Compile or Download
To use it, you can compile your own jar file from the source code by running `gradle fatJar`. You can also download the jar file that was already compiled for you from [here](https://github.com/nccgroup/BurpImportSitemap/releases/download/20200505/import-sitemap.jar).
## Using Import to Sitemap Extension
Once the extension has been loaded into Burp, an additional tab called "Import Sitemap" is added. This new tab has a number of buttons to select and load the CSV file.

There is a checkbox called "Enable Fakeparam Trick", which is disabled by default and it is considered a legacy option. More information about this legacy option [here](FakeParamTrick.md).
When selecting the CSV file, all the requests and responses are loaded into the SiteMap. From there we can inspect and export them into Repeater, Intruder, etc.

The extension also includes two contextual menus that allow to import requests/responses from any other tool. The "fakeparam" one will import as we had enabled the checkbox described [above](FakeParamTrick.md). This second option will probable be removed in further updated.
