1、Setting up the envrionment for burp Extensions  

before we can write extensions we need to ensure that the environment is set up. this is very important if you want to avoid hours and hours of the frustration with youself  more information  can be found at HTTP :http://www.burpextensions.com/tutorials/setting-up-the-pythonjython-environment-for-burpsuite/.

2、Writing your first burp Suite Extension 

A gentle introduce to writing your first exteniso use the code provided here as your boiler plate to test whrtehr your environemt has been set up properly iff the extension gets added without any errors then you are foog to go  , more information be found at http://blog.portswigger.net/2012/12/writing-yourfirst-burp-extension.html.

3- Write a simple Burp Extension in python :

Using Burp extension and writing your own this has be the place where ou lean how to write a Burp Extension in Python   the code is simple the post explains all that is required and the extension will useful things as soon as it is added ,More information can be found at http://www. burpextensions.com/tutorials/tutorial-python-extension-post-1/and http://www.burpextensions.com/downloads/pythontutorial-1.txt.

Burp Extensions tutorials :

Now that you have read the offical document you can  make full use of these toutorials that deep into extensions more information about burp Sutie extension toutorials can be found at http://www.burpextensions.com/category/tutorials/.

Extending Burp  Suite Proxy with Extensions

http://blog.opensecurityresearch.com/2014/03/extending-burp.html.

Burp suite Crawljax selenium JUint integration

https://github.com/malerisch/burp-csj.

Writing and debugging Burp Suiite Extension in Python :  http://sethsec. blogspot.in/2014/01/writing-and-debugging-burpsuite.html.

Searching Github for Burp Suite Extensions :https://github.com/search?utf 8=%E2%9C%93&q=burp+extension.

and if you want to Writing in any language you want  gey more information as :

https://github.com/liftsecurity/burpbuddy.

How we Tsting Mobile application for web Security using Burp Suite

some  useful resources  to test mobile application for web security using Burp Suite can be found at the foolwing locations

how to St UP An ios Pen Testing Envrionment : http://eightbit.io/post/64319534191/how-to-set-up-an-ios-pen-testing-environment

Import Burp Suite Certificate For android pentesting without root :http://backtosecurity.com/importing-burp-certificate-forandroid-
pentesting-without-root/

Windows Mobile Burp Suite Proxy setup :http://pentest-forum.com/index. php?topic=688.0

Pentesting Web Security with anti CSRE token using Burp PRO :http://www.notsosecure.com/blog/2014/07/02/pentesting-web-service-withcsrf-token-with-burp-pro/

IOS Assessment with Burp Suite +iFunBox +SQLLite :http://blog.nvisium. com/2014/08/ios-assessments-with-burp-ifunbox-sqlite.html

Burp Suite Extension tools的更多相关文章

  1. Burp Suite使用介绍

    Burp Suite使用介绍(一)  22人收藏 收藏 2014/05/01 19:54 | 小乐天 | 工具收集 | 占个座先 Getting Started Burp Suite 是用于攻击web ...

  2. Burp Suite使用介绍总结

    Burp Suite使用介绍(一) 小乐天 · 2014/05/01 19:54 Getting Started Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些 ...

  3. Burp Suite初探

    Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些工具设计了许多接口,以促进加快攻击应用程序的过程. 一.安装部署 需要配置java环境,首先安装java,然后配置 ...

  4. Burp Suite安装&环境配置&启动&浏览器设置代理

    一.简述 Burp Suite是一款使用Java编写的,用于Web安全审计与扫描套件.它集成了诸多实用的小工具以完成http请求的转发/修改/扫描等,同时这些小工具之间还可以 互相协作,在BurpSu ...

  5. Burp Suite使用

    Burp Suite是Web应用程序测试的最佳工具之一,其多种功能可以帮我们执行各种任务.请求的拦截和修改,扫描web应用程序漏洞,以暴力破解登陆表单,执行会话令牌等多种的随机性检查.本文将做一个Bu ...

  6. Burp Suite Walkthrough(英文版)

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  7. Burp Suite教程(英文版)

    In this article, we are going to see another powerful framework that is used widely in pen-testing. ...

  8. Burp Suite Walkthrough

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  9. 利用Burp Suite攻击Web应用

    i春秋作家:Passerby2 web应用测试综述: Web应用漏洞给企业信息系统造成了很大的风险.许多web应用程序漏洞是由于web应用程序缺乏对输入的过滤.简而言之Web应用程序利用来自用户的某种 ...

随机推荐

  1. 安装TensorFlow后import tensorflow时,出现CXXABI_1.3.11和GLIBCXX_3.4.22 not found

    Ubuntu16.04使用Anaconda搭建TensorFlow使用环境但是在安装TensorFlow后,import tensorflow报出如下错误: 该问题的错误原因是由于gcc的动态库较老导 ...

  2. 【Linux】数据流重定向

    数据流重定向(redirect)就是将某个命令执行后应该要出现在屏幕上的数据,给它传输到其他的地方,例如文件或设备(打印机之类的).这玩意在Linux的命令行模式下很重要,尤其是想要将某些数据存储下来 ...

  3. Linux 服务器CPU占用率100%,使用率高解决方案

    机器高负载告警一般是CPU负载在99-100%,同时伴有大量的网络出包和入包量,常见的原因是机器在某个时段进行LOG,数据等备份操作,或者服务器被黑导致 输入top命令查看CPU使用情况 top 通过 ...

  4. node.js生成验证码及图片

    示例代码: var svgCaptcha = require('svg-captcha'); var fs = require('fs'); var codeConfig = { size: 5,// ...

  5. preHandle、postHandle与afterCompletion

    preHandle 调用时间:Controller方法处理之前 执行顺序:链式Intercepter情况下,Intercepter按照声明的顺序一个接一个执行 若返回false,则中断执行,注意:不会 ...

  6. MySQL之Xtrabackup使用

    Xtrabackup对使用innodb存储引擎的mysql数据库进行备份时,不会影响数据库的读写操作(网上是这么说的,我还没验证过) 1.安装yum源 yum install https://repo ...

  7. [LeetCode] 741. Cherry Pickup 捡樱桃

    In a N x N grid representing a field of cherries, each cell is one of three possible integers. 0 mea ...

  8. SpringBoot系列教程JPA之新增记录使用姿势

    SpringBoot系列教程JPA之新增记录使用姿势 上一篇文章介绍了如何快速的搭建一个JPA的项目环境,并给出了一个简单的演示demo,接下来我们开始业务教程,也就是我们常说的CURD,接下来进入第 ...

  9. SpringBoot(1)

    SpringBoot 8/2 CRUD 发送put请求修改数据有三个步骤: SpringMVC中配置HiddenHttpMethodFilter 页面上创建一个post请求(form标签只能写get和 ...

  10. js node md5模块使用问题

    问题描述:md5(123456)得到的结果不是正确的. why? 问题查找: 1)安装路径问题: yarn add md5(md5模块在npmjs中显示每周download人数高达百万,有问题还这么多 ...