Go to file
Rasmus Moorats faa960a56e
ci/woodpecker/push/woodpecker Pipeline failed Details
add a build-time generated buildconfig file
2023-04-04 12:40:25 +03:00
gradle/wrapper include gradle wrapper jar 2022-10-13 14:17:56 +03:00
src/main add a build-time generated buildconfig file 2023-04-04 12:40:25 +03:00
transformer-bundle@9638490412 bump transformer-bundle 2022-10-07 10:41:14 +03:00
.gitignore include gradle wrapper jar 2022-10-13 14:17:56 +03:00
.gitmodules update transformer-bundle submodule url 2022-10-15 13:29:05 +03:00
.woodpecker.yml update CI 2023-03-17 15:44:50 +02:00
README.md use re2 as the regex engine 2022-10-03 13:30:45 +03:00
build.gradle.kts add a build-time generated buildconfig file 2023-04-04 12:40:25 +03:00
gradle.properties initial commit 2022-09-20 15:56:27 +03:00
gradlew initial commit 2022-09-20 15:56:27 +03:00
gradlew.bat initial commit 2022-09-20 15:56:27 +03:00
settings.gradle.kts initial commit 2022-09-20 15:56:27 +03:00


Burp Value Autoupdater


Simple Burp Suite plugin which stores values from incoming requests.

The values to watch for can be defined using regex or simply header names.

Values which have been stored can be used in outgoing requests using $placeholders$.


As an example, let's say we want to keep track of a CSRF token, sent to us as the cookie csrf.

We set up a regex to watch for the value like so:

Regex UI

We receive a response to a request (via any enabled tool) that contains a new CSRF value:

HTTP/1.1 200 OK
Set-Cookie: csrf=the_csrf_token

The stored value gets updated with the token we received in the response:

Table view

We can then use the $placeholder$ in a request, which will automatically fill in the stored value:

GET / HTTP/1.1
Host: nns.ee
Cookie: csrf=$csrf$; session=123

Regex matching (and placing values) works in any part of the request, not just the headers.

The regex matcher uses the re2 syntax.


Currently, no .jar files are provided. Once I feel this project is polished enough to publish releases for, I will probably upload this to the Burp App store.

You can, however, build the .jar yourself if you so desire.

Once you have a .jar, in Burp Suite, go to Extender -> Add and load the file as a Java extension.


Building is done via Gradle. To build a .jar with all dependencies included, do:

./gradlew shadowJar

The .jar file can then be found in build/libs/ (look for the version tagged -all).