My new buddy Matt (https://twitter.com/matt0177), long-time SANS TA and Facilitator and all-around amazingly-smart dude, asked for my suggestions for Burp Suite extensions that I like using. This post is for him (and you).
Burp Suite is one of the core tools that web application penetration testers use to intercept, analyze and alter network traffic. It is a Java application that comes in both a free and a “pro” version (which, at the time of this writing, is $299 per user per year).
In addition to all the wonderful tools that ship with the suite, the Portswigger team has made Burp Suite extensible so that the community can create their own Java, Ruby and Python extensions to make Burp even more useful. This post highlights some of the ones that I have found to be stable and helpful in my testing. Since you may test different systems/technologies than I do, you may wish to try some of the other modules as well.
As with the rest of the Burp application, the Portswigger team has created some great documentation for this feature. Check it out here if you get stuck.
Some of the modules add features to the existing tabs and tools already in Burp and others add new tabs to the display and create their own tools.
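To show what an extension actually looks like, here is a minimal one written for this post (it is an added example, not code from the original post or from any of the BApp Store modules). It uses the classic Burp Extender API (`burp.IBurpExtender`, `IHttpListener`, `IExtensionHelpers`) to register itself, listen to Proxy traffic and log every JSON response to the extension's output pane, the same passive hook that beautifier-style extensions build on. The extension name and log format are my own choices.

```java
package burp;

import java.io.PrintWriter;

// Added example, not part of the original post: a minimal Burp extension that
// registers an HTTP listener and reports JSON responses seen by the Proxy.
// Burp loads the class burp.BurpExtender from the JAR and calls
// registerExtenderCallbacks once; everything else hangs off the callbacks object.
public class BurpExtender implements IBurpExtender, IHttpListener {
    private IExtensionHelpers helpers;
    private PrintWriter stdout;

    @Override
    public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
        helpers = callbacks.getHelpers();
        // Output written here appears under Extender -> Extensions -> Output.
        stdout = new PrintWriter(callbacks.getStdout(), true);
        callbacks.setExtensionName("JSON response logger (example)");
        // Ask Burp to hand us every request and response that any tool produces.
        callbacks.registerHttpListener(this);
        stdout.println("JSON response logger loaded.");
    }

    @Override
    public void processHttpMessage(int toolFlag, boolean messageIsRequest,
                                   IHttpRequestResponse messageInfo) {
        // We only care about responses, and only those that came through the Proxy
        // (Scanner, Intruder and Repeater traffic is ignored to keep the log quiet).
        if (messageIsRequest || toolFlag != IBurpExtenderCallbacks.TOOL_PROXY) {
            return;
        }
        byte[] response = messageInfo.getResponse();
        if (response == null) {
            return;
        }
        IResponseInfo info = helpers.analyzeResponse(response);
        // Burp reports both the Content-Type the server stated and the type it
        // inferred from the body; treat either saying "JSON" as a hit.
        boolean isJson = "JSON".equals(info.getStatedMimeType())
                      || "JSON".equals(info.getInferredMimeType());
        if (!isJson) {
            return;
        }
        int bodyLength = response.length - info.getBodyOffset();
        IRequestInfo request = helpers.analyzeRequest(messageInfo);
        stdout.println(request.getUrl() + " -> JSON body, " + bodyLength
                       + " bytes, status " + info.getStatusCode());
    }
}
```

Compile it against Burp's `burp` interface sources (exported from Extender -> APIs), package it as a JAR, and load it from Extender -> Extensions -> Add. Browsing through the Proxy then produces one log line per JSON response; turning that log line into a pretty-printed message editor tab is the extra step the JSON beautifier extension takes.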
Getting to Burp Extender
I’m going to assume that you have already downloaded either Burp free or the pro version and have it up and running. If you do, then select the Extender tab (marked 1 in the picture) along the top of the application and then the BApp Store tab (marked 2) in the sub-tab row. It should look like the picture below.
Burp Suite (free) Extender BApp Store View
The extensions are listed alphabetically, although you can sort by any of the columns (Name, Installed, Rating, Detail) by double-clicking the column heading.
As you can see from the above picture, while most of the modules work with both the free and pro versions of Burp, some are only available in the pro version.
Modules can be rated by the community, with the overall rating displayed as stars in the third column. The right-hand pane changes to display details about the module you have selected on the left.
My Favorite Modules
(In alphabetical order)
Purpose: To make .NET body parameters more human-readable. Very helpful for examining things like VIEWSTATE contents.
Active Scan++ (Pro only)
Purpose: Adds extra scan features to the passive and active scanning tools in Burp.
HTML5 Auditor (Pro only)
Purpose: Checks HTML5 attributes for flaws.
Identity Crisis (Pro only)
Purpose: Checks whether the website responds differently to different User-Agent strings.
J2EEScan (Pro only)
Purpose: Examines J2EE applications/servers for vulnerabilities.
Purpose: Reformat JSON into an easily-readable format.