Copy as XMLHttpRequest BurpSuite extension

Related tags

Security xmlhttprequest csrf burp burp-plugin burpsuite burp-extensions cross-site-request-forgery
Overview

Copy as XMLHttpRequest BurpSuite extension

The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's XmlHttpRequest, which simplifies PoC development when exploiting XSS.

demo

Installation

  • download the latest JAR from releases or build manually
  • add JAR to burpsuite using tabs: "Extender" -> "Extensions" -> "Add"

Usage

  • select one request from any tab or a few requests in "Proxy" -> "HTTP history" tab
  • invoke context menu and select "Copy as XMLHttpRequest"
You might also like...

A BurpSuite plugin for BBRF

A BurpSuite plugin for BBRF

bbrf-burp-plugin What's BBRF? The Bug Bounty Reconnaissance Framework (BBRF) is intended to facilitate the workflows of security researchers across mu

Jun 22, 2022

CTFCrackTools 's BurpSuite Plugin - Decode and Encode

CTFCrackTools 's BurpSuite Plugin - Decode and Encode

DaE - Decode and Encode CTFCrackTools 's BurpSuite Plugin - Decode and Encode Many people suggested that I develop BurpSuite version, so I ported this

Nov 4, 2022

This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

BurpSuiteAutoCompletion This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

Oct 28, 2022

Burpsuite plugin for Interact.sh

Burpsuite plugin for Interact.sh

Interactsh Collaborator This is a Burpsuite plugin for Interact.sh This plugin implements the client side logic from interactsh-client. It will allow

Nov 30, 2022

Log4j2Scan - Log4j2 RCE Passive Scanner plugin for BurpSuite

Log4j2Scan - Log4j2 RCE Passive Scanner plugin for BurpSuite

Log4j2Scan This tool is only for learning, research and self-examination. It should not be used for illegal purposes. All risks arising from the use o

Jan 6, 2023

Manifold plugs into Java to supplement it with powerful features, from Type-safe Metaprogramming (direct access to GraphQL, JSON, XML, etc.), Extension Methods, Operator Overloading, and Unit Expressions to an integrated Template Engine and a Preprocessor. All fully supported in IntelliJ IDEA and Android Studio. Simply add Manifold to your project and begin taking advantage of it.

Manifold plugs into Java to supplement it with powerful features, from Type-safe Metaprogramming (direct access to GraphQL, JSON, XML, etc.), Extension Methods, Operator Overloading, and Unit Expressions to an integrated Template Engine and a Preprocessor. All fully supported in IntelliJ IDEA and Android Studio. Simply add Manifold to your project and begin taking advantage of it.

What is Manifold? Manifold plugs into Java to supplement it with powerful features, including: Type-safe Meta-programming Extension Methods Operator O

Dec 29, 2022

Extension module to properly support datatypes of javax.money

Jackson Datatype Money Jackson Datatype Money is a Jackson module to support JSON serialization and deserialization of JavaMoney data types. It fills

Jan 2, 2023

A spatial extension of the H2 database.

H2GIS H2GIS is a spatial extension of the H2 database engine in the spirit of PostGIS. It adds support for managing spatial features and operations on

Oct 19, 2022

Spring Integration provides an extension of the Spring programming model to support the well-known Enterprise Integration Patterns (EIP)

Spring Integration Code of Conduct Please see our Code of conduct. Reporting Security Vulnerabilities Please see our Security policy. Checking out and

Dec 30, 2022

An MIT AI2 extension to allows developers to show media style notifications for their applications.

An MIT AI2 extension to allows developers to show media style notifications for their applications.

Media Notifications An MIT AI2 extension to allows developers to show media style notifications for their applications.

Jan 7, 2023

Terminal UI JMX (Java management extension) viewer

Terminal UI JMX (Java management extension) viewer

JMXViewer Terminal UI JMX (Java management extension) viewer Usage java -jar jmxviewer.jar [pid] The PID is optional. If it is not provided, the appli

Sep 15, 2022

fabric-carpet extension mod which attempts to fix as many vanilla bugs as possible. Feel free to add as many fixes as you want!

Carpet-Fixes Fabric Carpet extension mod which attempts to fix as many vanilla bugs as possible! Feel free to contribute by adding as many fixes as yo

Jan 6, 2023

Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)

Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)

BFAC - Burp Extension Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications). What is BFAC - Burp Extension ? Backup fi

Jul 16, 2022

Quarkus Couchbase Extension

Quarkus Couchbase Extension Integrates Couchbase into Quarkus. This extension is currently in alpha status. It supports: Dependency injecting a Couchb

May 10, 2022

A Minestom extension that opens the port that the Minestom server is running on!

OpenPortStom A project that uses weupnp to forward the port for you when starting your server, it will also attempt to close the port. Yes this is a s

Apr 24, 2022

Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.

CYS4-SensitiveDiscoverer Introduction Burp Suite is a useful tool used to do web application security testing. While Burp Suite provides a lot of func

Nov 16, 2022

Examples and HowTos for BouncyCastle and Java Cryptography Extension (JCE)

CryptographicUtilities Examples and HowTos for BouncyCastle and Java Cryptography Extension (JCE) See class "/src/main/java/de/soderer/utilities/crypt

Dec 19, 2021

This extension identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities.

This extension identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities.

param-miner This extension identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities. It combin

Jan 27, 2022

Burp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046

Log4j-HammerTime This Burp Suite Active Scanner extension validates exploitation of the Apache Log4j CVE-2021-44228 and CVE-2021-45046 vulnerabilities

Jan 8, 2022
Owner
Alexey Pronin
Alexey Pronin
GitHub
CTFCrackTools 's BurpSuite Plugin - Decode and Encode

DaE - Decode and Encode CTFCrackTools 's BurpSuite Plugin - Decode and Encode Many people suggested that I develop BurpSuite version, so I ported this

0chen 66 Nov 4, 2022
This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

BurpSuiteAutoCompletion This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

Tanner Barnes 147 Oct 28, 2022
Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)

BFAC - Burp Extension Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications). What is BFAC - Burp Extension ? Backup fi

SEC-IT 18 Jul 16, 2022
Examples and HowTos for BouncyCastle and Java Cryptography Extension (JCE)

CryptographicUtilities Examples and HowTos for BouncyCastle and Java Cryptography Extension (JCE) See class "/src/main/java/de/soderer/utilities/crypt

null 1 Dec 19, 2021
Burp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046

Log4j-HammerTime This Burp Suite Active Scanner extension validates exploitation of the Apache Log4j CVE-2021-44228 and CVE-2021-45046 vulnerabilities

DXC Technology - StrikeForce 8 Jan 8, 2022
OAUTHScan is a Burp Suite Extension written in Java with the aim to provide some automatic security checks

OAUTHScan is a Burp Suite Extension written in Java with the aim to provide some automatic security checks, which could be useful during penetration testing on applications implementing OAUTHv2 and OpenID standards.

Maurizio S 163 Nov 29, 2022
Facsimile - Copy Your Most Used Text to Clipboard Easily with Facsimile!. It Helps You to Store You Most Used Text as a Key, Value Pair and Copy it to Clipboard with a Shortcut.

Facsimile An exact copy of Your Information ! Report Bug ยท Request Feature Table of Contents About The Project Built With Getting Started Installation

Sri lakshmi kanthan P 1 Sep 12, 2022
Copy Regex Matches is a Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.

Copy Regex Matches Copy Regex Matches is a Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard. Install D

null 28 Dec 2, 2022
This tool can read the QR code from the Remote Admin menu and copy the ID of the User to the Clipboard.

SCP-SL-QR-Reader Tool for easy copying This tool can read the QR code from the Remote Admin menu and copy the ID of the User to the Clipboard. Detecta

null 6 Aug 14, 2021
Download or repost public instagram posts easily by selecting "Copy Link" in Instagram.

Insta Save and Repost Description Download or repost public instagram posts easily by selecting "Copy Link" in Instagram. Screenshots Features Downloa

null 1 Jan 21, 2022