Burp Extension Development Part 1: Setup & Basics

Ғылым және технология

It's the first week of the New Year, and we are starting the year with an exciting new series with Tib3rius: Burp Extension Development. In this series, we'll add new features and explore what the Burp Extension API offers. Even with the free community edition!
Today, we'll start with setting up your development environment and walkthrough making your very first Burp Suite extension!
0:00 Intro
1:55 Setting up our development environment
6:39 Creating our first extension
12:08 Building & installing our extension
13:49 Modifying request headers using our extension
20:24 Rebuilding our extension
21:48 Outro
Useful Links Mentioned in the Video:
www.codecademy.com/learn/lear...
www.jetbrains.com/idea
portswigger.net/burp/document...
github.com/Tib3rius/burpsuite...
Are you interested in Sponsoring one of our KZread Videos? Contact us with the form here: forms.clickup.com/36003094/f/...
portswigger.github.io/burp-ex...
github.com/Tib3rius/burpsuite...
Pentests & Security Consulting: tcm-sec.com
Get Trained: academy.tcm-sec.com
Get Certified: certifications.tcm-sec.com
Merch: merch.tcm-sec.com
Sponsorship Inquiries: info@thecybermentor.com
📱Social Media📱
___________________________________________
Twitter: / thecybermentor
Twitch: / thecybermentor
Instagram: / thecybermentor
LinkedIn: / heathadams
TikTok: / thecybermentor
Discord: / discord
💸Donate💸
___________________________________________
Like the channel? Please consider supporting me on Patreon:
/ thecybermentor
Support the stream (one-time): streamlabs.com/thecybermentor
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: amzn.to/31GN7iX
The Hacker Playbook 3: amzn.to/34XkIY2
Hacking: The Art of Exploitation: amzn.to/2VchDyL
The Web Application Hacker's Handbook: amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: amzn.to/31HAmVx
Linux Basics for Hackers: amzn.to/34WvcXP
Python Crash Course, 2nd Edition: amzn.to/30gINu0
Violent Python: amzn.to/2QoGoJn
Black Hat Python: amzn.to/2V9GpQk
My Build:
lg 32gk850g-b 32" Gaming Monitor:amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: amzn.to/30d1UW1
EVGA 2080TI: amzn.to/30d2lj7
MSI Z390 MotherBoard: amzn.to/30eu5TL
Intel 9700K: amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: amzn.to/2M638Zb
Razer Nommo Chroma Speakers: amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: amzn.to/2V7A0or
CORSAIR Pro RBG Gaming Mouse: amzn.to/30hvg4P
Sennheiser RS 175 RF Wireless Headphones: amzn.to/31MOgpu
My Recording Equipment:
Panasonic G85 4K Camera: amzn.to/2Mk9vsf
Logitech C922x Pro Webcam: amzn.to/2LIRxAp
Aston Origin Microphone: amzn.to/2LFtNNE
Rode VideoMicro: amzn.to/309yLKH
Mackie PROFX8V2 Mixer: amzn.to/31HKOMB
Elgato Cam Link 4K: amzn.to/2QlicYx
Elgate Stream Deck: amzn.to/2OlchA5
*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.

Пікірлер: 14

  • @Chran0
    @Chran05 ай бұрын

    Cant wait for this series.

  • @thejuan7379
    @thejuan73794 ай бұрын

    Would it not be better to go over BChecks and Bambdas? Much simpler and will probably cover most of people's use cases, instead of having to build an extension.

  • @justarandomcat7
    @justarandomcat75 ай бұрын

    #Tib3rius The best !

  • @ELJaY58
    @ELJaY585 ай бұрын

  • @sotecluxan4221
    @sotecluxan42215 ай бұрын

    😻

  • @hoodieboy9974
    @hoodieboy99745 ай бұрын

    Thanks for the series, i wish there will be python too cause i'm looking for it

  • @Tib3rius

    @Tib3rius

    5 ай бұрын

    Unfortunately I don't believe Python is going to be supported in the Montoya API, likely because Jython hasn't received significant updates in a long time. However hopefully this series will show you how easy it is to write Java code using the IDE!

  • @hoodieboy9974

    @hoodieboy9974

    5 ай бұрын

    @@Tib3rius yep that's right, kinda lazy to learn java again but we will see from your series. Thanks ❤️

  • @swastikshetty8235
    @swastikshetty82354 ай бұрын

    i literally started my college project on burp extensions when i found this ....please can you add the feature of a automated web crawler ...would really appreciate it

  • @sundayz__
    @sundayz__5 ай бұрын

    Great content ! I'm working on an extension but I can't find a way to retrieve the project title to save information for each project :(

  • @Tib3rius

    @Tib3rius

    5 ай бұрын

    IIRC there isn't a standard way using the API, however you can grab the Window title which contains the project name: api.userInterface().swingUtils().suiteFrame().getTitle() You'd just have to remove the references to Burp Suite and who the instance is licensed to.

  • @sundayz__

    @sundayz__

    5 ай бұрын

    @@Tib3rius Thanks for your reply I'm using the API in python and I can't find these functions. I think I'll have to switch to the montoya java API.

  • @Tib3rius

    @Tib3rius

    5 ай бұрын

    @@sundayz__ Ah yeah, that's what I would recommend. There probably is a way to do it using the legacy API but it likely uses some messy functions.

  • @TheCyberWarriorGuy
    @TheCyberWarriorGuy5 ай бұрын

    :)

Келесі