Light

yandex / burp-molly-pack Goto Github PK

View Code? Open in Web Editor NEW

137.0 11.0 19.0 76 KB

Security checks pack for Burp Suite

License: BSD 3-Clause "New" or "Revised" License

Java 100.00%

security burp-extensions burp-plugin vulnerability-detection burpsuite burpsuite-pro

burp-molly-pack's Introduction

Burp-molly-pack

Overview

Burp-molly-pack is Yandex security checks pack for Burp. The main goal of Burp-molly-pack is to extend Burp checks. Plugins contains Active and Passive security checks.

Usage

Build fat jar with Maven mvn package or download release version
Change and save burp_molly_config.json
Put path to config in MOLLY_CONFIG Environment variable

export MOLLY_CONFIG=/path/to/burp_molly_config.json

Run Burp Suite in console java -jar burpsuite_pro.jar
Add Plugins Jar file in Extender Tab

Contributing

Contributions to Burp-molly-pack are always welcome! You can help us in different ways:

Open an issue with suggestions for improvements and errors you're facing;
Fork this repository and submit a pull request;
Improve the documentation.

burp-molly-pack's People

Contributors

Stargazers

Watchers

Forkers

chubbymaggie expertasif pombredanne hax0rg1rl ch4p34un0ir hd421 anon0ps nbg0x1 mis-team burpsuiteextensions w2n1ck 5l1v3r1 ra2003 simple0313 bbxc isabella232 excloudx6 0xsojalsec ramzansmith

burp-molly-pack's Issues

BurpSuite Getting Crashed while Adding Extension

Hello,

Not sure why am making this again, a few minutes ago I created the issue here, and now it disappears, making again.

Created the build.

While adding extension burp getting crashed and closed as you can see here

Burp crash

Hi,

my Burp is installed on Mac OS, can you explain me please how to use your plugin? Because if I install the jar from extender it crash.

not sure how I can open it using java -jar /Applications/Burp Suite Professional.app because not works. Thank you

SSRF/XXE/HTTP interaction not working on v2.1

I've been testing this extension on 1.7.37 and 2.1 versions.
In version 1.7.37 extension works.
in 2.1 it works but not the active payloads.
I've tested on testphp.vulnweb.com and DSVW (https://github.com/stamparm/DSVW).
With older version the ssrf http/dns interaction are detected, in newer one it doesn't.
Maybe due to API changes, 'cause also active phase of other extensions doesn't works.
Would like a possible update 'cause i don't know well Java (i'll try).
Or someone could help.

Cheers

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.