Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.

Overview

CYS4-SensitiveDiscoverer

Introduction

Burp Suite is a useful tool for web application security testing. While it provides a lot of functionality, it does not offer a way to scan for particular patterns or file extensions inside HTTP messages, and checking every message manually is very tedious. CYS4-SensitiveDiscoverer is a Burp Suite extension that automatically extracts matches for Regular Expressions or File Extensions from HTTP responses, either at the end of all tests or during the test. The plugin ships with a pre-defined set of Regular Expressions and File Extensions, but you can choose which of them to activate or deactivate and also create your own lists.

How to compile from source code

The extension was compiled with IntelliJ 2021.2.2, with OpenJDK version 16.0.1.

The BApp can be compiled with Maven by following the steps below:

  1. View > Tool Windows > Maven
  2. On the new right panel expand the Lifecycle folder
  3. Double-click on install

The Maven configuration generates a .jar file that includes all the dependencies.

Installation

To install CYS4-SensitiveDiscoverer manually:

  1. Download the newest CYS4-SensitiveDiscoverer from the Release page
  2. Go to Extender -> Extension. Click Add. Set Extension type to Java. Set the path of the file downloaded at step 1 inside Extension file (.jar)
  3. CYS4-SensitiveDiscoverer should appear in the Burp Extensions list. You will also see a new tab.

Usage

The default configuration has a list of regular expressions and file extensions. To see the predefined lists, go to the Options tab. Here you can choose which of them to activate or not, or insert your own regular expressions or file extensions. For both lists there is a set of actions to interact with them. The actions are:

  • Reset: the plugin resets the default list of regular expressions or file extensions.
  • New: a pop-up appears and lets you insert a new regular expression or file extension.
  • Delete: after selecting a row, it is deleted from the list.
  • Clear: the plugin clears the list, leaving it empty.
  • Open: a pop-up appears and lets you insert a list of regular expressions or file extensions in bulk from a file.
  • Save: the plugin offers the possibility to save your custom list for future tests.

After you have selected your desired configuration you can start to find sensitive information inside HTTP messages. The plugin can be executed in two different modes:

  1. Analyze HTTP History: the plugin parses all the HTTP history generated from that moment and finds any active pattern
  2. Live: the plugin parses request by request as the user generates them from the web browser.
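As an added illustration, not the plugin's own code, the following Java sketch shows the core of what a run like the ones above does: the active regex and extension lists are copied and precompiled when the run starts, and a fixed pool of worker threads then scans each response. The class name, pattern strings and sample responses are constructed for this example.

```java
import java.util.*;
import java.util.concurrent.*;
import java.util.regex.*;

// Added illustration, not CYS4-SensitiveDiscoverer code: snapshot and precompile the
// active lists when a run starts, then scan responses on a fixed-size thread pool.
public class SensitiveScanDemo {

    // Hypothetical entries constructed for this example; the plugin ships its own lists.
    static final List<String> ACTIVE_REGEXES = new ArrayList<>(List.of(
        "AKIA[0-9A-Z]{16}",                         // AWS-style access key id
        "-----BEGIN (RSA |EC )?PRIVATE KEY-----"));  // PEM private key header
    static final List<String> ACTIVE_EXTENSIONS = new ArrayList<>(List.of("sql", "bak", "env"));

    // Regexes compile one-to-one; extensions collapse into a single path-like pattern.
    static List<Pattern> compile(List<String> regexes, List<String> extensions) {
        List<Pattern> compiled = new ArrayList<>();
        for (String r : regexes) compiled.add(Pattern.compile(r));
        compiled.add(Pattern.compile("[\\w./-]+\\.(" + String.join("|", extensions) + ")\\b"));
        return compiled;
    }

    static List<String> scanOne(String response, List<Pattern> patterns) {
        List<String> hits = new ArrayList<>();
        for (Pattern p : patterns) {
            Matcher m = p.matcher(response);
            while (m.find()) hits.add(p.pattern() + " -> " + m.group());
        }
        return hits;
    }

    static List<String> scanAll(List<String> responses, int threads) throws Exception {
        // Copy the lists first: edits made in the Options tab mid-run must not reach the workers.
        List<Pattern> patterns = compile(new ArrayList<>(ACTIVE_REGEXES), new ArrayList<>(ACTIVE_EXTENSIONS));
        ExecutorService pool = Executors.newFixedThreadPool(Math.max(1, Math.min(threads, 128)));
        List<Future<List<String>>> futures = new ArrayList<>();
        for (String r : responses) futures.add(pool.submit(() -> scanOne(r, patterns)));
        List<String> all = new ArrayList<>();
        for (Future<List<String>> f : futures) all.addAll(f.get());
        pool.shutdown();
        return all;
    }

    public static void main(String[] args) throws Exception {
        List<String> responses = List.of(  // constructed sample HTTP responses
            "HTTP/1.1 200 OK\r\n\r\n{\"key\":\"AKIAABCDEFGHIJKLMNOP\"}",
            "HTTP/1.1 200 OK\r\n\r\n<a href=\"/static/dump.sql\">x</a>");
        scanAll(responses, 4).forEach(System.out::println);
    }
}
```

The thread count is clamped to 1-128, the same range the Options tab accepts for the scanner.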

Credits

CYS4 was born in 2015 from a collaboration with an Israeli company in the world of Cyber Security; its team was then spun off, keeping the focus on innovation and quality in a national context.

Check out our blog for more information.

References

  • shhgit: Regex and File Extension database used in this project.

Comments

  • Problem with Import functionality

    Hi, I hope you are well. I have an issue importing the saved REGEX list. First I export the regex list and save it with a CSV extension (sensitiveDiscoverer.csv). Then, when I close Burp, or even when I clear the list and then import my saved list (sensitiveDiscoverer.csv), it is not loaded!!!

    regards

    duplicate 
    opened by ayadim 2
  • Changing lists while making an analysis cause errors

    The regexList and extensionsList are passed as a reference to the Scanner. The Scanner uses them while scanning, but if they change while scanning, problems occur.

    With this fix, when an analysis is started, a copy of the current state is saved. Then, the Scanner uses this copy instead of the original list so that changes don't interfere with the analysis.

    fix/scanner 
    opened by LorenzoCoppi-cys4 0
  • Option to change scanner's number of threads

    Adds a new section in the configurations of the Options tab.

    This permits viewing and changing the number of threads the Scanner uses to analyze the requests.

    By default, the Scanner is initialized with 4 threads. With the new option, the number can be changed to any number in the range of 1-128.

    feature/options 
    opened by LorenzoCoppi-cys4 0
  • Text editor: find the match also on the request pane

    • When matching extensions, the extension wasn't matched in the request;
    • Separated the regex's description from the regex itself. It's now possible to copy both independently;
    • Renamed variables to ease future refactoring.
    fix/logger 
    opened by LorenzoCoppi-cys4 0
  • Fix lists' actions in Options tab

    The actions of the list buttons inside the Options tab weren't working since the update to v2.0.0.

    • Fixed these actions
    • Updated README with information on how to use these buttons

    Closes #1

    feature/extensions fix/options 
    opened by LorenzoCoppi-cys4 0
  • Update to v2.0.0

    Merge the changes from the dev branch.

    • Progress bar in Logger
    • Stop analysis button
    • Scan is now multithreaded
    • Precompile regex at initialization
    • General refactor
    • Update to JDK17
    • Update README
    feature/logger feature/options fix/options 
    opened by LorenzoCoppi-cys4 0
  • where is the regex file location to pull request ?

    Hi, if I want to add my regular expression to your list, which location should I add it to? target/classes/regex.json or src/main/java/cys4/resources/regex.json

    regards

    feature/regex 
    opened by ayadim 4
  • Suggestion: Can you add a choice to analyse Logger history?

    Hi, thank you for this great extension I really loved it,

    My suggestion is very clear: since the extension targets the HTTP history, why don't you add a button to analyze the Logger history? I really want to see this in new updates.

    Regards

    feature/logger 
    opened by ayadim 2
Releases(v2.1.0)
Owner
CYS4srl
Please report all security issues to admin at cys4 dot com