Statement:
This article was first published in the TideSec column on FreeBuf by Nianhua, a member of the Tide security team:
https://www.freebuf.com/column/198792.html
The target systems mentioned in this article are all test environments built on a local area network; any match with a real IP or URL is a coincidence. The technologies, ideas and tools in this article are only for learning and exchange for security purposes. No one is allowed to use them for illegal or profit-making purposes; anyone who does bears the consequences themselves!
If you like it, give it a star on GitHub. Download from: https://github.com/nian-hua/BurpExtender/blob/master/IntelligentAnalysis.py
Configure the Jython environment
First, go to the official Jython website and download the installer.
Click Next through the installation process, but remember the installation location.
After installation succeeds, open the extension settings in Burp.
Select jython.jar under the installation path you just noted.
Load the extension we just wrote.
Using the extension
View the proxy history:
If the response packet contains ID information, the entry is marked in red.
If the response packet contains mobile number information, the entry is marked in blue.
If the response packet contains GPS position information, the entry is marked in green.
The output window of the Burp extension prints the matched sensitive information in detail for later lookup.
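The marking rules above, sketched as a standalone classifier; this is an added example, not code from IntelligentAnalysis.py. The patterns (18-character resident ID with check digit, 11-digit mainland mobile number, coordinate key names), the red-over-blue-over-green priority and all function names are assumptions, and the sample body is constructed.

```python
import json
import re

# Assumed patterns, not taken from the original extension.
ID_RE = re.compile(r"(?<!\d)\d{17}[\dXx](?!\d)")     # 18-character resident ID
MOBILE_RE = re.compile(r"(?<!\d)1[3-9]\d{9}(?!\d)")  # 11-digit mainland mobile
GPS_KEYS = {"lat", "lng", "lon", "latitude", "longitude"}
WEIGHTS = (7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2)
CHECK = "10X98765432"
PRIORITY = (("id", "red"), ("mobile", "blue"), ("gps", "green"))
SAMPLE = '{"user": {"phone": "13800138000", "pos": {"lat": 39.9042, "lng": 116.4074}}}'  # constructed

def valid_id(number):
    """Check-digit test: weighted sum of the first 17 digits, mod 11."""
    total = sum(int(d) * w for d, w in zip(number[:17], WEIGHTS))
    return CHECK[total % 11] == number[17].upper()

def walk(node, key=None):
    """Yield (key, scalar) pairs from decoded JSON, descending into containers."""
    if isinstance(node, dict):
        for k, v in node.items():
            for pair in walk(v, k):
                yield pair
    elif isinstance(node, list):
        for v in node:
            for pair in walk(v, key):
                yield pair
    else:
        yield key, node

def is_coord(value):
    """True for a numeric value in the range a latitude or longitude can take."""
    try:
        return not isinstance(value, bool) and abs(float(value)) <= 180
    except (TypeError, ValueError):
        return False

def classify(body):
    """Return (highlight colour or None, findings) for one response body."""
    findings = [("id", m) for m in ID_RE.findall(body) if valid_id(m)]
    findings += [("mobile", m) for m in MOBILE_RE.findall(body)]
    try:
        doc = json.loads(body)
    except ValueError:
        doc = None  # not JSON: the regex checks above still apply
    findings += [("gps", "%s=%s" % (k, v)) for k, v in walk(doc)
                 if str(k).lower() in GPS_KEYS and is_coord(v)]
    kinds = set(kind for kind, _ in findings)
    colour = next((c for kind, c in PRIORITY if kind in kinds), None)
    return colour, findings
```

In a Burp extension the returned colour would be passed to `IHttpRequestResponse.setHighlight`, and the findings list written to the extension output.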
The JSON decoder function is an open-source function from GitHub, but it does not support modifying the parsed data, so I modified it and added it to my program.
Epilogue
If you think there is anything else to mark, you can leave a message below. If you have any suggestions or comments, please visit my personal blog.
Download address:
https://github.com/nian-hua/BurpExtender/blob/master/IntelligentAnalysis.py
If you like it, give it a star.
I'm a member of the Tide security team. Friends interested in information security can follow us. The Tide security team (http://www.tide.net):