1、Setting up the envrionment for burp Extensions  

before we can write extensions we need to ensure that the environment is set up. this is very important if you want to avoid hours and hours of the frustration with youself  more information  can be found at HTTP :http://www.burpextensions.com/tutorials/setting-up-the-pythonjython-environment-for-burpsuite/.

2、Writing your first burp Suite Extension 

A gentle introduce to writing your first exteniso use the code provided here as your boiler plate to test whrtehr your environemt has been set up properly iff the extension gets added without any errors then you are foog to go  , more information be found at http://blog.portswigger.net/2012/12/writing-yourfirst-burp-extension.html.

3- Write a simple Burp Extension in python :

Using Burp extension and writing your own this has be the place where ou lean how to write a Burp Extension in Python   the code is simple the post explains all that is required and the extension will useful things as soon as it is added ,More information can be found at http://www. burpextensions.com/tutorials/tutorial-python-extension-post-1/and http://www.burpextensions.com/downloads/pythontutorial-1.txt.

Burp Extensions tutorials :

Now that you have read the offical document you can  make full use of these toutorials that deep into extensions more information about burp Sutie extension toutorials can be found at http://www.burpextensions.com/category/tutorials/.

Extending Burp  Suite Proxy with Extensions

http://blog.opensecurityresearch.com/2014/03/extending-burp.html.

Burp suite Crawljax selenium JUint integration

https://github.com/malerisch/burp-csj.

Writing and debugging Burp Suiite Extension in Python :  http://sethsec. blogspot.in/2014/01/writing-and-debugging-burpsuite.html.

Searching Github for Burp Suite Extensions :https://github.com/search?utf 8=%E2%9C%93&q=burp+extension.

and if you want to Writing in any language you want  gey more information as :

https://github.com/liftsecurity/burpbuddy.

How we Tsting Mobile application for web Security using Burp Suite

some  useful resources  to test mobile application for web security using Burp Suite can be found at the foolwing locations

how to St UP An ios Pen Testing Envrionment : http://eightbit.io/post/64319534191/how-to-set-up-an-ios-pen-testing-environment

Import Burp Suite Certificate For android pentesting without root :http://backtosecurity.com/importing-burp-certificate-forandroid-
pentesting-without-root/

Windows Mobile Burp Suite Proxy setup :http://pentest-forum.com/index. php?topic=688.0

Pentesting Web Security with anti CSRE token using Burp PRO :http://www.notsosecure.com/blog/2014/07/02/pentesting-web-service-withcsrf-token-with-burp-pro/

IOS Assessment with Burp Suite +iFunBox +SQLLite :http://blog.nvisium. com/2014/08/ios-assessments-with-burp-ifunbox-sqlite.html

Burp Suite Extension tools的更多相关文章

  1. Burp Suite使用介绍

    Burp Suite使用介绍(一)  22人收藏 收藏 2014/05/01 19:54 | 小乐天 | 工具收集 | 占个座先 Getting Started Burp Suite 是用于攻击web ...

  2. Burp Suite使用介绍总结

    Burp Suite使用介绍(一) 小乐天 · 2014/05/01 19:54 Getting Started Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些 ...

  3. Burp Suite初探

    Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些工具设计了许多接口,以促进加快攻击应用程序的过程. 一.安装部署 需要配置java环境,首先安装java,然后配置 ...

  4. Burp Suite安装&环境配置&启动&浏览器设置代理

    一.简述 Burp Suite是一款使用Java编写的,用于Web安全审计与扫描套件.它集成了诸多实用的小工具以完成http请求的转发/修改/扫描等,同时这些小工具之间还可以 互相协作,在BurpSu ...

  5. Burp Suite使用

    Burp Suite是Web应用程序测试的最佳工具之一,其多种功能可以帮我们执行各种任务.请求的拦截和修改,扫描web应用程序漏洞,以暴力破解登陆表单,执行会话令牌等多种的随机性检查.本文将做一个Bu ...

  6. Burp Suite Walkthrough(英文版)

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  7. Burp Suite教程(英文版)

    In this article, we are going to see another powerful framework that is used widely in pen-testing. ...

  8. Burp Suite Walkthrough

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  9. 利用Burp Suite攻击Web应用

    i春秋作家:Passerby2 web应用测试综述: Web应用漏洞给企业信息系统造成了很大的风险.许多web应用程序漏洞是由于web应用程序缺乏对输入的过滤.简而言之Web应用程序利用来自用户的某种 ...

随机推荐

  1. Tomcat中加载不到项目 项目构建Deployment Assembly报错:The given project is not a virtual component project

    转:   The given project is not a virtual component project The given project is not a virtual compone ...

  2. Java 使用ZkClient操作Zookeeper

    目录 ZkClient介绍 导入jar包依赖 简单使用样例 ZkClient介绍 因为Zookeeper API比较复杂,使用并不方便,所以出现了ZkClient,ZkClient对Zookeeper ...

  3. MySQL二进制快速安装升级(待验证)

    适合小版本的升级. 即 关闭当前的MySQL,替换当前的二进制文件或包,在现有的数据目录上重启MySQL,并运行mysql_upgrade. 特点:不改变数据文件,升级速度快:但,不可以跨操作系统,不 ...

  4. TP-Link無線路由器(分享器)頻寬控管

    需求: 對十個終端進行頻寬的控管(有線連接),也需要無線的連線 設備: 兩台TP-Link AC750(每台四個LAN端口),一台TP-Link hub 由於資金有限,兩個路由器最多也只有8個接口,如 ...

  5. [LeetCode] 237. Delete Node in a Linked List 删除链表的节点

    Write a function to delete a node (except the tail) in a singly linked list, given only access to th ...

  6. 在ensp上配置Hybrid接口

    Hybrid接口是华为特有的一种接口 Hybrid接口是既可以连接普通终端的接入链路,又可以连接交换机间的干道链路. 简单说就是Hybrid接口既能实现Access的功能又能实现Trunk接口的功能. ...

  7. 腾讯的网站如何检测到你的 QQ 已经登录?

    转:http://www.lovelucy.info/tencent-sso.html 在 QQ 已经登录的情况下,手动输入网址打开 QQ 邮箱 或者 QQ 空间 等腾讯网站,可以看到网页已经检测到本 ...

  8. LeetCode 788. 旋转数字(Rotated Digits) 36

    788. 旋转数字 788. Rotated Digits 题目描述 我们称一个数 X 为好数, 如果它的每位数字逐个地被旋转 180 度后,我们仍可以得到一个有效的,且和 X 不同的数.要求每位数字 ...

  9. [转帖]直击案发现场!TCP 10倍延迟的真相是?

    直击案发现场!TCP 10倍延迟的真相是? http://zhuanlan.51cto.com/art/201911/605268.htm 内核参数调优 非常重要啊. 什么是经验?就是遇到问题,解决问 ...

  10. CF1097G Vladislav and a Great Legend 组合、树形背包

    传送门 看到\(k\)次幂求和先用斯特林数拆幂:\(x^k = \sum\limits_{i=1}^k \binom{x}{i}\left\{ \begin{array}{cccc} k \\ i \ ...