Burpsuite plugin for Interact.sh

Overview

Interactsh Collaborator

This is a Burpsuite plugin for Interact.sh

This plugin implements the client side logic from interactsh-client. It will allow you to generate new domains that can be used for OOB testing. If you host your own version of Interactsh you can configure it in the Configuration tab.

This extension works in addition to Burpsuite's Collaborator service.

All results are logged in the Interactsh Logs tab once the extension is loaded. Verbose details will be displayed in the bottom window once an OOB interaction is logged and selected.

Interactsh-Collaborator

Build

  1. mvn package
  2. Add the target/collaborator-1.x.x-dev-jar-with-dependencies.jar file as a new Java extension in Burpsuite

Alternatively you can download the precompiled library from the latest releast

Usage

After the extension is installed you should be able to see the Interactsh tab. Navigate to the tab and click the button labeled Generate Interactsh Url.

This button will copy the generated domain name to your clipboard. The domain name will also be logged to the extension output.

You can then use this domain name in any OOB testing. To generate a sample event you can visit that domain in a new browser tab.

Data should populate after a few seconds into the table with details about what type of OOB interaction occurred.

Try adjusting the poll time to a shorter value when you expect active results.

Comments
  • Missing interactions for self hosted server

    Missing interactions for self hosted server

    • Load latest jar file in burp
    • Update with self-hosted server under config
    • Click on Update settings
    • Generate new payload
    • Visit the URL, notice interactions are not updated.
    opened by ehsandeep 6
  • InteractSH Collaborator not showing logs

    InteractSH Collaborator not showing logs

    Hi, my problem is that there is not logs on this window: image This is my configuration: image

    and this is the output on Extensions window: image Any ideas? I'm using Burp Suite CE v2022.9.6 build 17218 and InteractSH Collaborator Extension v1.0.1 Thanks.

    opened by jjmuriel 2
  • server can't find xxxxxxx.interact.sh: SERVFAIL

    server can't find xxxxxxx.interact.sh: SERVFAIL

    I just installed the interact.sh extension to my burp suite. Whenever I am generating a interact.sh url and doing a nslookup ...I am getting this things

    Non-authoritative answer: Name: xxxxl.interact.sh Address: xx.xxx.xx.xxx ** server can't find xxxx.interact.sh: SERVFAIL

    Also these are the ouputs that I am getting

    Starting Interactsh Collaborator! Generating new Interactsh client New domain is: cd8d7o6kefpgb695q2kgviuzsvrsdavbl.interact.sh Response cannot be null Error registering client

    opened by MHR890 2
  • Interactsh Web Client or Interactsh Collaborator

    Interactsh Web Client or Interactsh Collaborator

    Hi, what does this extension do? It is useless as it isn't used instead of Burp Collaborator. You can use Interactsh Web Client instead of this extension. https://app.interactsh.com/

    opened by byposeidon 1
  • [Request] Custom Configuration

    [Request] Custom Configuration

    As a user of interactsh-collaborator I should be able to supply a custom Interact.sh server without recompiling the entire application.

    These settings should be persisted when closing and opening Burpsuite.

    opened by wdahlenburg 1
  • Add Configuration Pane

    Add Configuration Pane

    This PR adds the configuration pane.

    A SpringLayout was used within a FlowLayout pane to create the nice form.

    The update button will save the settings so that they persist when burpsuite is closed and reloaded.

    The settings are referenced when a client is created.

    opened by wdahlenburg 0
  • [REQUEST] interactsh-collaborator everywhere

    [REQUEST] interactsh-collaborator everywhere

    It would be great to have a interactsh-collaborator everywhere like collaborator everywhere. This in the event the default burp collaborator has been blocked by a WAF.

    opened by mr0xE 0
  • [REQUEST] Poll Now, highlight, delete items

    [REQUEST] Poll Now, highlight, delete items

    If it is possible to add a poll now button like collaborator, and the possibility to delete some items and to highlight with colors some others like there is in the others burp tabs.

    Thanks for your awesome extensions!!! it is a game changer ;)

    opened by iNoSec2 0
  • [Request] Smart Polling

    [Request] Smart Polling

    When the poll count changes each thread should respond within a few seconds to determine if the current time slept is greater than the new poll time. If so, then stop sleeping and poll.

    This issue arises from the fact that TimeUnit.SECONDS.sleep(burp.BurpExtender.pollTime); is called. Instead I should sleep for a second at a time and add to a sleep counter. This allows each thread to not be stuck sleeping until the old poll duration is complete.

    opened by wdahlenburg 0
Releases(v1.0.1)
Owner
Wyatt Dahlenburg
Security Researcher and Developer
Wyatt Dahlenburg
A Camunda Process Engine Plugin to execute Clojure Functions from Activities

camunda-clojure-plugin A Camunda Process Engine Plugin to execute Clojure Functions as Delegates Why do we need this? While Camunda is tightly integra

lambdaschmiede GmbH 11 Oct 11, 2022
A plugin for the ja-netfilter, it can block dns resolution.

A plugin for the ja-netfilter, it can block dns resolution.

null 17 May 12, 2022
A small Private Messaging Minecraft Plugin

Project PM is a Private Messaging system Mini-Plugin Description ?? This is a test plugin, meaning I didn't really intend it for the public use, the "

ren 1 Sep 15, 2022
FreedomChat is a very simple plugin that makes player chat unreportable.

FreedomChat is a very simple plugin that makes player chat unreportable. FreedomChat completely disables chat reporting for 1.19+ without other negative consequences and maximum compatibility.

null 127 Jan 7, 2023
A BurpSuite plugin for BBRF

bbrf-burp-plugin What's BBRF? The Bug Bounty Reconnaissance Framework (BBRF) is intended to facilitate the workflows of security researchers across mu

Pieter 19 Jun 22, 2022
CTFCrackTools 's BurpSuite Plugin - Decode and Encode

DaE - Decode and Encode CTFCrackTools 's BurpSuite Plugin - Decode and Encode Many people suggested that I develop BurpSuite version, so I ported this

0chen 66 Nov 4, 2022
Log4j2Scan - Log4j2 RCE Passive Scanner plugin for BurpSuite

Log4j2Scan This tool is only for learning, research and self-examination. It should not be used for illegal purposes. All risks arising from the use o

Whwlsfb 439 Jan 6, 2023
This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

BurpSuiteAutoCompletion This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

Tanner Barnes 147 Oct 28, 2022
Copy as XMLHttpRequest BurpSuite extension

Copy as XMLHttpRequest BurpSuite extension The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's Xm

Alexey Pronin 30 Dec 25, 2022
A toolchain for Minecraft: Java Edition that builds a workspace to interact with the game using the official mappings provided to the public by Mojang Studios.

VanillaGradle is a toolchain for Minecraft: Java Edition that provides a workspace to interact with the game using official mappings provided by Mojan

SpongePowered 75 Nov 22, 2022
🧚‍♀️ Java library to interact with YouTrack's REST API.

YouTrack API for Java ??‍ Java library to interact with YouTrack's REST API.

Noel 2 Oct 1, 2021
Command Line Interface to interact with Carbyne Stack Virtual Clouds

Carbyne Stack Command Line Interface This is a CLI tool to communicate with the Carbyne Stack services. DISCLAIMER: The Carbyne Stack CLI is alpha sof

Carbyne Stack 5 Oct 15, 2022
Portaudio4j - An exploratory project to interact with the PortAudio C library using Java's FFI (Panama) APIs

Examples of PortAudio called by Java's Panama APIs JEP 412. At the moment this is purely exploratory (still kicking the tires) as it progresses in the

Carl Dea 4 Dec 29, 2021
High level api to interact with maven form within the jvm

maven-utils High level api to interact with maven from within the jvm Use it by adding the dependency to your maven pom: <dependency> <groupId>se.

Alipsa 5 Sep 29, 2022
An easy to use api to interact with many versions of minecraft in a version independent environment.

Glass - API An easy to use api to interact with many versions of minecraft in a version independent environment. Setup Instructions should be relative

null 2 Jan 25, 2022
DnD Plugin submission using Atlas. Plugin inspired on the TrollGUI bukkit plugin

?? PunishGUI DnD Plugin submission using Atlas. Plugin inspired on the TrollGUI bukkit plugin ?? Dependencies ?? Paper 1.18 ?? Atlas ?? Commands /hell

null 1 Jan 19, 2022
This plugin disables commands specified in the configuration and prevents granting the "OP" authority to people not authorized in the plugin configuration.

Ares This plugin disables commands specified in the configuration and prevents granting the "OP" authority to people not authorized in the plugin conf

ᴠᴀʟᴇɴᴛɪɴ ᴢʜᴇʟᴇᴠ 6 Aug 30, 2022
Paper-nms-maven-plugin - A maven plugin for using NMS on paper with Mojang mappings.

paper-nms-maven-plugin A maven plugin for using NMS on paper with Mojang mappings. This plugin will both create the mapped paper dependency and instal

null 56 Dec 28, 2022
Plugin-power - A plugin for the ja-netfilter, it is a dragon slayer for asymmetric encryption.

plugin-power A plugin for the ja-netfilter, it is a dragon slayer for asymmetric encryption. Use the mvn clean package command to compile and use powe

null 110 May 25, 2022
Plugin-fineagent - A plugin for the ja-netfilter, it allows you to use fineagent in ja-netfilter.

plugin-fineagent A plugin for the ja-netfilter, it allows you to use fineagent in ja-netfilter. Use the mvn clean package command to compile and use F

null 19 Jun 25, 2022