Push Burp requests to ElasticSearch
Go to file
Rasmus Moorats 535b2546c1
update elk
2022-10-11 11:05:41 +03:00
ElasticBurp remove invalid characters from project name 2022-04-11 14:13:44 +03:00
JarShim/burp tidy up project structure 2021-11-21 11:01:32 +02:00
.gitignore tidy up project structure 2021-11-21 11:01:32 +02:00
LICENSE Initial commit 2016-03-02 23:43:21 +01:00
README.md clean up for publishing 2021-11-17 15:53:30 +02:00
WASEQuery.py decode utf-8 by default, add full request/response to each doc 2021-11-18 17:11:16 +02:00
build-jar.sh create a symbolic link to the latest jar 2022-03-22 11:43:22 +02:00
docker-compose.yml update elk 2022-10-11 11:05:41 +03:00
queries.txt Added query examples 2016-04-02 00:06:56 +02:00
requirements.txt add sane number of max threads for piping requests 2021-11-21 11:46:04 +02:00



Scared about the weak searching performance of Burp Suite? Are you missing possibilities to search in Burp? ElasticBurp combines Burp Suite with the search power of ElasticSearch.


  1. Install ElasticSearch and Kibana.
  2. Configure both - For security reasons it is recommend to let them listen on localhost:
  • Set network.host: in /etc/elasticsearch/elasticsearch.yml.
  • Set host: "" in /opt/kibana/config/kibana.yml.
  1. Install dependencies in the Jython environment used by Burp Extender with: $JYTHON_PATH/bin/pip install -r requirements.txt
  2. Load ElasticBurp.py as Python extension in Burp Extender.


See this blog article for usage examples.


Search ElasticSearch indices created by WASE for

  • responses with missing headers
  • responses with missing parameters
  • all values that were set for a header (e.g. X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Content-Security-Policy, ...)

...or do arbitrary search queries.

Invoke WASEQuery.py for help message. This blog article shows some examples for usage of WASEQuery.