1、Setting up the envrionment for burp Extensions  

before we can write extensions we need to ensure that the environment is set up. this is very important if you want to avoid hours and hours of the frustration with youself  more information  can be found at HTTP :http://www.burpextensions.com/tutorials/setting-up-the-pythonjython-environment-for-burpsuite/.

2、Writing your first burp Suite Extension 

A gentle introduce to writing your first exteniso use the code provided here as your boiler plate to test whrtehr your environemt has been set up properly iff the extension gets added without any errors then you are foog to go  , more information be found at http://blog.portswigger.net/2012/12/writing-yourfirst-burp-extension.html.

3- Write a simple Burp Extension in python :

Using Burp extension and writing your own this has be the place where ou lean how to write a Burp Extension in Python   the code is simple the post explains all that is required and the extension will useful things as soon as it is added ,More information can be found at http://www. burpextensions.com/tutorials/tutorial-python-extension-post-1/and http://www.burpextensions.com/downloads/pythontutorial-1.txt.

Burp Extensions tutorials :

Now that you have read the offical document you can  make full use of these toutorials that deep into extensions more information about burp Sutie extension toutorials can be found at http://www.burpextensions.com/category/tutorials/.

Extending Burp  Suite Proxy with Extensions

http://blog.opensecurityresearch.com/2014/03/extending-burp.html.

Burp suite Crawljax selenium JUint integration

https://github.com/malerisch/burp-csj.

Writing and debugging Burp Suiite Extension in Python :  http://sethsec. blogspot.in/2014/01/writing-and-debugging-burpsuite.html.

Searching Github for Burp Suite Extensions :https://github.com/search?utf 8=%E2%9C%93&q=burp+extension.

and if you want to Writing in any language you want  gey more information as :

https://github.com/liftsecurity/burpbuddy.

How we Tsting Mobile application for web Security using Burp Suite

some  useful resources  to test mobile application for web security using Burp Suite can be found at the foolwing locations

how to St UP An ios Pen Testing Envrionment : http://eightbit.io/post/64319534191/how-to-set-up-an-ios-pen-testing-environment

Import Burp Suite Certificate For android pentesting without root :http://backtosecurity.com/importing-burp-certificate-forandroid-
pentesting-without-root/

Windows Mobile Burp Suite Proxy setup :http://pentest-forum.com/index. php?topic=688.0

Pentesting Web Security with anti CSRE token using Burp PRO :http://www.notsosecure.com/blog/2014/07/02/pentesting-web-service-withcsrf-token-with-burp-pro/

IOS Assessment with Burp Suite +iFunBox +SQLLite :http://blog.nvisium. com/2014/08/ios-assessments-with-burp-ifunbox-sqlite.html

Burp Suite Extension tools的更多相关文章

  1. Burp Suite使用介绍

    Burp Suite使用介绍(一)  22人收藏 收藏 2014/05/01 19:54 | 小乐天 | 工具收集 | 占个座先 Getting Started Burp Suite 是用于攻击web ...

  2. Burp Suite使用介绍总结

    Burp Suite使用介绍(一) 小乐天 · 2014/05/01 19:54 Getting Started Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些 ...

  3. Burp Suite初探

    Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些工具设计了许多接口,以促进加快攻击应用程序的过程. 一.安装部署 需要配置java环境,首先安装java,然后配置 ...

  4. Burp Suite安装&环境配置&启动&浏览器设置代理

    一.简述 Burp Suite是一款使用Java编写的,用于Web安全审计与扫描套件.它集成了诸多实用的小工具以完成http请求的转发/修改/扫描等,同时这些小工具之间还可以 互相协作,在BurpSu ...

  5. Burp Suite使用

    Burp Suite是Web应用程序测试的最佳工具之一,其多种功能可以帮我们执行各种任务.请求的拦截和修改,扫描web应用程序漏洞,以暴力破解登陆表单,执行会话令牌等多种的随机性检查.本文将做一个Bu ...

  6. Burp Suite Walkthrough(英文版)

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  7. Burp Suite教程(英文版)

    In this article, we are going to see another powerful framework that is used widely in pen-testing. ...

  8. Burp Suite Walkthrough

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  9. 利用Burp Suite攻击Web应用

    i春秋作家:Passerby2 web应用测试综述: Web应用漏洞给企业信息系统造成了很大的风险.许多web应用程序漏洞是由于web应用程序缺乏对输入的过滤.简而言之Web应用程序利用来自用户的某种 ...

随机推荐

  1. 必须要注意的 C++ 动态内存资源管理(五)——智能指针陷阱

    必须要注意的 C++ 动态内存资源管理(五)——智能指针陷阱 十三.小心使用智能指针.         在前面几节已经很详细了介绍了智能指针适用方式.看起来,似乎智能指针很强大,能够很方便很安全的管理 ...

  2. window git安装 以及 tortoiseGit安装与使用

    一:Git安装 使用TortoiseGit这个程序,需要先安装Git Windows版本Git的下载页面: http://git-scm.com/download/win 1:下载Git到文件夹, 2 ...

  3. sigaction和实时信号sigqueue

    sigaction函数sigaction函数的功能是用于改变进程接收到特定信号后的行为.int sigaction(int signum, const struct sigaction *act,st ...

  4. [LeetCode] 310. Minimum Height Trees 最小高度树

    For a undirected graph with tree characteristics, we can choose any node as the root. The result gra ...

  5. java:网络编程(UDP (DatagramSocket和DatagramPacket)正则表达式)

    java:网络编程(UDP (DatagramSocket和DatagramPacket)正则表达式) * TCP* 特点:面向连接,点对点的通信,效率较低,但安全可靠* UDP:用户数据报协议,类似 ...

  6. 【Python学习之十】操作数据库

    环境 虚拟机:VMware 10 Linux版本:CentOS-6.5-x86_64 客户端:Xshell4 FTP:Xftp4 python3.6 操作mysql数据库 1.安装pymysql模块p ...

  7. 2019年广东外语外贸大学程序设计竞赛(新手赛)-F题(好快的刀)题解

    题面: 题目意为,任意连接两个圆的圆心形成一条直线,计算与该直线相交或相切的圆的数量,求这些直线最多能相交或相切多少个圆 解题思路: 遍历所有的圆,计算出两圆圆心生成的直线,再遍历其他的圆,检测这些圆 ...

  8. markdown ——flow流程图

    一个纯文本的语法怎么画图? 将流程图代码包含在```folw和`````之间即可 例子 st=>start: Start op=>operation: Your Operation sub ...

  9. 经典例题(Python)

    经典例题 if嵌套 1.用户输入账号2.用户输入密码3.判断用户的账号是不是alex4.如果账号是alex在继续判断密码是不是alexdsb5.账号和密码都正确提示用户alex就是一个dsb6.如果账 ...

  10. Linux+QT界面开发(含数据库)小结

    今天十一国庆节,过了一个很有意义的国庆节,去了龙岗区图书馆,第一次知道了借的书可以在任意分馆归还!这个切实方便了广大读者.针对Linux应用,特意借阅一本:<linux环境下Qt4图形界面与My ...