forked from synfron/ReshaperForBurp
-
Notifications
You must be signed in to change notification settings - Fork 0
/
BappDescription.html
55 lines (50 loc) · 3.32 KB
/
BappDescription.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<p>Trigger actions and reshape HTTP request and response traffic using configurable rules</p>
<p>Rules</p>
<p>Rules allow you to set actions to perform (called Thens) if messages/connections (event) received by Burp Suite meet certain criteria (called Whens). Rules are processed in order.</p>
<p>Whens</p>
<ul>
<li>Content Type - If the HTTP request body is reported to match specified content types</li>
<li>Event Direction - If the HTTP message is a Request or Response, or if the WebSocket message is directed toward the client or server</li>
<li>From Tool - If the HTTP/WebSocket message is from a specific Burp tool</li>
<li>Has Entity - If the HTTP/WebSocket event contains a certain message value entity</li>
<li>In Scope - If the URL is in the suite-wide scope</li>
<li>Matches Text - If a value (text, variable, or HTTP/WebSocket message value entity) matches a value</li>
<li>Message Type - If the WebSocket message is text or binary</li>
<li>MIME Type - If the HTTP response body is reported to match specified MIME types</li>
<li>Proxy Name - If received by a certain Burp proxy listener</li>
<li>Repeat - Repeat a group of When constraints for each item in a list</li>
</ul>
<p>Thens</p>
<ul>
<li>Break - Stop Rules or then action processing</li>
<li>Build HTTP Message - Build an HTTP request or response message and store the full text in a variable</li>
<li>Comment - Add a comment to the line item in the HTTP/WebSocket history</li>
<li>Delay - Delay further processing/sending of the HTTP/WebSocket event</li>
<li>Delete Value - Remove an HTTP message entity</li>
<li>Delete Variable - Delete a variable</li>
<li>Drop - Have Burp drop the connection</li>
<li>Evaluate - Perform operations on values</li>
<li>Extract - Extract values into lists</li>
<li>Generate - Generate a value</li>
<li>Highlight - Highlight the line item in the HTTP/WebSocket history</li>
<li>Intercept - Intercept the message in the Proxy interceptor</li>
<li>Log - Log message to the Burp extension console</li>
<li>Parse HTTP Message - Extract values from an HTTP request or response message and store the values in variable</li>
<li>Prompt - Get text via a prompt dialog</li>
<li>Read File - Read a file</li>
<li>Repeat - Repeat a group of Then actions by count, boolean value, or for each item in a list</li>
<li>Run Process - Execute a command in a separate process</li>
<li>Run Rules - Run a specific Rule or all auto-run Rules</li>
<li>Run Script - Execute a JavaScript script</li>
<li>Save File - Save text to a file</li>
<li>Send Message - Send a separate WebSocket message</li>
<li>Send Request - Send a separate HTTP request</li>
<li>Send To - Send data to other Burp tools or the system's default browser</li>
<li>Set Encoding - Set the encoding used to read and write bytes of the HTTP request or response body, or WebSocket message</li>
<li>Set Event Direction - Change whether to send a request or to send a response at the end of processing</li>
<li>Set Value - Set the value of an HTTP/WebSocket event using another value (text, variable, or HTTP/WebSocket event entity)</li>
<li>Set Variable - Set a variable using another value (text, variable, or HTTP/WebSocket event entity)</li>
<li>Transform - Transform/convert a value</li>
</ul>
<p>Variables</p>
<p>Share values across different rules while processing the same event or all events</p>