Push Burp requests to ElasticSearch

Find a file

Rasmus Moorats 535b2546c1 update elk		2022-10-11 11:05:41 +03:00
ElasticBurp	remove invalid characters from project name	2022-04-11 14:13:44 +03:00
JarShim/burp	tidy up project structure	2021-11-21 11:01:32 +02:00
.gitignore	tidy up project structure	2021-11-21 11:01:32 +02:00
build-jar.sh	create a symbolic link to the latest jar	2022-03-22 11:43:22 +02:00
docker-compose.yml	update elk	2022-10-11 11:05:41 +03:00
LICENSE	Initial commit	2016-03-02 23:43:21 +01:00
queries.txt	Added query examples	2016-04-02 00:06:56 +02:00
README.md	clean up for publishing	2021-11-17 15:53:30 +02:00
requirements.txt	add sane number of max threads for piping requests	2021-11-21 11:46:04 +02:00
WASEQuery.py	decode utf-8 by default, add full request/response to each doc	2021-11-18 17:11:16 +02:00

README.md

ElasticBurp

Scared about the weak searching performance of Burp Suite? Are you missing possibilities to search in Burp? ElasticBurp combines Burp Suite with the search power of ElasticSearch.

Installation

Install ElasticSearch and Kibana.
Configure both - For security reasons it is recommend to let them listen on localhost:

Set network.host: 127.0.0.1 in /etc/elasticsearch/elasticsearch.yml.
Set host: "127.0.0.1" in /opt/kibana/config/kibana.yml.

Install dependencies in the Jython environment used by Burp Extender with: $JYTHON_PATH/bin/pip install -r requirements.txt
Load ElasticBurp.py as Python extension in Burp Extender.

Usage

See this blog article for usage examples.

WASEQuery

Search ElasticSearch indices created by WASE for

responses with missing headers
responses with missing parameters
all values that were set for a header (e.g. X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Content-Security-Policy, ...)

...or do arbitrary search queries.

Invoke WASEQuery.py for help message. This blog article shows some examples for usage of WASEQuery.