Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/nccgroup/BurpImportSitemap

Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap
https://github.com/nccgroup/BurpImportSitemap

Last synced: about 1 month ago
JSON representation

Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap

Host: GitHub
URL: https://github.com/nccgroup/BurpImportSitemap
Owner: nccgroup
License: agpl-3.0
Created: 2020-05-05T09:48:43.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2023-01-11T15:11:26.000Z (almost 2 years ago)
Last Synced: 2024-08-02T00:23:16.406Z (4 months ago)
Language: Java
Homepage:
Size: 753 KB
Stars: 6
Watchers: 5
Forks: 7
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-burp-extensions - Import To Sitemap - Import To Sitemap is a Burp Suite Extension to import wstalker CSV file or ZAP export file into Burp Sitemap. (Tool Integration / SSRF)

README

        # Import To Sitemap Extension

Import To Sitemap is a [Burp Suite](https://portswigger.net/burp) Extension to import [wstalker](https://github.com/nccgroup/wstalker) CSV file or [ZAP](ZAP.md) export file into Burp Sitemap. It also includes a contextual menu to send request/response items from any tab to the sitemap.

## License

Released as open source by NCC Group Plc - https://www.nccgroup.com/

Developed by Jose Selvi [![Twitter Follow](https://img.shields.io/twitter/follow/JoseSelvi?style=social)](https://twitter.com/JoseSelvi/)

https://github.com/nccgroup/BurpImportSitemap

Released under AGPL see [LICENSE](LICENSE) for more information

## Compile or Download

To use it, you can compile your own jar file from the source code by running `gradle fatJar`. You can also download the jar file that was already compiled for you from [here](https://github.com/nccgroup/BurpImportSitemap/releases/download/20200505/import-sitemap.jar).

## Using Import to Sitemap Extension 

Once the extension has been loaded into Burp, an additional tab called "Import Sitemap" is added. This new tab has a number of buttons to select and load the CSV file.

![Load CSV](img/load.png "Logo Title Text 1")

There is a checkbox called "Enable Fakeparam Trick", which is disabled by default and it is considered a legacy option. More information about this legacy option [here](FakeParamTrick.md).

When selecting the CSV file, all the requests and responses are loaded into the SiteMap. From there we can inspect and export them into Repeater, Intruder, etc.

![Send To](img/repeater.png "Logo Title Text 1")

The extension also includes two contextual menus that allow to import requests/responses from any other tool. The "fakeparam" one will import as we had enabled the checkbox described [above](FakeParamTrick.md). This second option will probable be removed in further updated.

![Load CSV](img/sitemap.png "Logo Title Text 1")