Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/twelvesec/BearerAuthToken
This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.
https://github.com/twelvesec/BearerAuthToken
authorization burp burp-extensions burpsuite burpsuite-extender
Last synced: about 1 month ago
JSON representation
This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.
- Host: GitHub
- URL: https://github.com/twelvesec/BearerAuthToken
- Owner: twelvesec
- Created: 2017-06-14T14:11:26.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2019-02-27T16:38:44.000Z (almost 6 years ago)
- Last Synced: 2024-08-02T00:23:05.373Z (4 months ago)
- Topics: authorization, burp, burp-extensions, burpsuite, burpsuite-extender
- Homepage:
- Size: 42.8 MB
- Stars: 47
- Watchers: 4
- Forks: 12
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-burp-extensions - BearerAuthToken - This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests. (Vulnerability Specific Extensions / Session Management)
- awesome-hacking-lists - twelvesec/BearerAuthToken - This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach (Others)
README
# BearerAuthToken
This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.
## installation information
You can download the BearerToken.jar and install it directly to your BurpSuite or alternativey if you want to compile and create the jar yourself follow the steps below :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1) clone this repo
2) unzip burp.zip file
3) change directory to burp subfolder
4) inside burp subfolder compile the java files using the following command --> javac *.java
5) if you get the following message "Some input files use unchecked or unsafe operations" recompile with --> javac -Xlint:unchecked *.java
6) When finished compiling go back one folder -> cd ..
7) be sure that you are at the same folder where the burp subfolder exists
8) use the following command to create the jar file --> jar cf burpextender.jar burp
9) install burpextender.jar to BurpSuite
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
for more information on how to use this extension follow the link https://www.twelvesec.com/2017/05/05/authorization-token-manipulation/