ci/woodpecker/push/woodpecker Pipeline failed Details
Burp Value Autoupdater
Simple Burp Suite plugin which stores values from incoming requests.
The values to watch for can be defined using regex or simply header names.
Values which have been stored can be used in outgoing requests using
As an example, let's say we want to keep track of a CSRF token, sent to us as the cookie
We set up a regex to watch for the value like so:
We receive a response to a request (via any enabled tool) that contains a new CSRF value:
HTTP/1.1 200 OK Set-Cookie: csrf=the_csrf_token
The stored value gets updated with the token we received in the response:
We can then use the
$placeholder$ in a request, which will automatically fill in the stored value:
GET / HTTP/1.1 Host: nns.ee Cookie: csrf=$csrf$; session=123
Regex matching (and placing values) works in any part of the request, not just the headers.
The regex matcher uses the re2 syntax.
.jar files are provided. Once I feel this project is polished enough to publish releases for, I will probably upload this to the Burp App store.
You can, however, build the
.jar yourself if you so desire.
Once you have a
.jar, in Burp Suite, go to Extender -> Add and load the file as a Java extension.
Building is done via Gradle. To build a
.jar with all dependencies included, do:
.jar file can then be found in
build/libs/ (look for the version tagged