Python

Extension: SAML Message Editor

Type: – Serialization
——————————————-
Description:
SAML Message Editor Extension attempts to identify requests/responses containing SAML (Security Assertion Markup Language) formatted messages and provides them in a convenient format via a SAML message editor tab.

Extension: SAML Encoder/Decoder

Type: – Serialization
——————————————-
Description:
SAML Encoder/Decoder Extension provides a new BurpSuite Tab containing functionality to Encode and Decode SAML (Security Assertion Markup Language) formatted messages.

Extension: WSDL Wizard

Type: – Discovery
——————————————-
Description:
Google Hack Extension allows you to search Google’s Site: using keywords, adding results to Burp’s Target window. By providing query words used in common Google WSDL Wizard assists with the detection of .wsdl file extensions within scoped web applications. Using Burp’s Menu APIs, WSDL Wizard creates a convenient way to scan for .wsdl file extensions.

Extension: Protobuf Decoder

Type: – Serialization
——————————————-
Description:
The Protobuf Decoder extension allows for decoding and beautifying protobuf responses via Burp Suite. When a new protobuf response is found via the “Content-Type: application/x-protobuf” header, a new Message Editor tab is built containing the decoded response. A .proto file can also be used to define the message format.

Extension: JSBeautifier

Type: – Misc
——————————————-
Description:
JS Beautifier extension is used to format incoming JavaScript responses into a more legible format. When enabled and a JavaScript response is received, a “javascript” tab will appear in the MessageEditor tab with a more conventional format that will allow you to review and/or modify the JavaScript source.

Extension: JSON Decoder

Type: – Serialization
——————————————-
Description:
JSON Decoder adds a MessageEditorTab to Burp’s Request/Response containing the decoded JSON message. The tab is added when Content-Type: “application/json” is found.

Extension: JavaScript Injector

Type: – Exploitation
——————————————-
Description:
An advanced Match/Replace extension allowing you to inject JavaScript into MiTM responses. JavaScript Injector obeys scope, matches against specific response bodies, and identifies if the target is already infected.

Extension: WCF Binary SOAP Handler

Type: – Serialization
——————————————-
Description:
Nick Coblentz has updated Brian Holyfield’s original Burp Extension for handling Binary SOAP messages to work with Burp’s new API format. This extension allows you to view and modify WCF Binary SOAP messages found in Silverlight, WPF and other applications.

Extension: Jython API

Type: – API, Console
——————————————-
Description:
Marcin’s Jython API is a Burp Framework that allows the running of multiple extensions and also provides an interactive Jython console. The console allows you to interact with Burp’s functionality, with access to Python/Jython commands and functions.

Extension: Payload Parser

Type: – Detection, Exploitation
——————————————-
Description:
Payload Parser Extension allows you to provide characters identified as being sanitized/unsanitized and shows you payloads that exclude all characters or include at least 1. The Extension also allows you to save the payload list for use in functionality like Burp Intruder.