1、Setting up the envrionment for burp Extensions  

before we can write extensions we need to ensure that the environment is set up. this is very important if you want to avoid hours and hours of the frustration with youself  more information  can be found at HTTP :http://www.burpextensions.com/tutorials/setting-up-the-pythonjython-environment-for-burpsuite/.

2、Writing your first burp Suite Extension 

A gentle introduce to writing your first exteniso use the code provided here as your boiler plate to test whrtehr your environemt has been set up properly iff the extension gets added without any errors then you are foog to go  , more information be found at http://blog.portswigger.net/2012/12/writing-yourfirst-burp-extension.html.

3- Write a simple Burp Extension in python :

Using Burp extension and writing your own this has be the place where ou lean how to write a Burp Extension in Python   the code is simple the post explains all that is required and the extension will useful things as soon as it is added ,More information can be found at http://www. burpextensions.com/tutorials/tutorial-python-extension-post-1/and http://www.burpextensions.com/downloads/pythontutorial-1.txt.

Burp Extensions tutorials :

Now that you have read the offical document you can  make full use of these toutorials that deep into extensions more information about burp Sutie extension toutorials can be found at http://www.burpextensions.com/category/tutorials/.

Extending Burp  Suite Proxy with Extensions

http://blog.opensecurityresearch.com/2014/03/extending-burp.html.

Burp suite Crawljax selenium JUint integration

https://github.com/malerisch/burp-csj.

Writing and debugging Burp Suiite Extension in Python :  http://sethsec. blogspot.in/2014/01/writing-and-debugging-burpsuite.html.

Searching Github for Burp Suite Extensions :https://github.com/search?utf 8=%E2%9C%93&q=burp+extension.

and if you want to Writing in any language you want  gey more information as :

https://github.com/liftsecurity/burpbuddy.

How we Tsting Mobile application for web Security using Burp Suite

some  useful resources  to test mobile application for web security using Burp Suite can be found at the foolwing locations

how to St UP An ios Pen Testing Envrionment : http://eightbit.io/post/64319534191/how-to-set-up-an-ios-pen-testing-environment

Import Burp Suite Certificate For android pentesting without root :http://backtosecurity.com/importing-burp-certificate-forandroid-
pentesting-without-root/

Windows Mobile Burp Suite Proxy setup :http://pentest-forum.com/index. php?topic=688.0

Pentesting Web Security with anti CSRE token using Burp PRO :http://www.notsosecure.com/blog/2014/07/02/pentesting-web-service-withcsrf-token-with-burp-pro/

IOS Assessment with Burp Suite +iFunBox +SQLLite :http://blog.nvisium. com/2014/08/ios-assessments-with-burp-ifunbox-sqlite.html

Burp Suite Extension tools的更多相关文章

  1. Burp Suite使用介绍

    Burp Suite使用介绍(一)  22人收藏 收藏 2014/05/01 19:54 | 小乐天 | 工具收集 | 占个座先 Getting Started Burp Suite 是用于攻击web ...

  2. Burp Suite使用介绍总结

    Burp Suite使用介绍(一) 小乐天 · 2014/05/01 19:54 Getting Started Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些 ...

  3. Burp Suite初探

    Burp Suite 是用于攻击web 应用程序的集成平台.它包含了许多工具,并为这些工具设计了许多接口,以促进加快攻击应用程序的过程. 一.安装部署 需要配置java环境,首先安装java,然后配置 ...

  4. Burp Suite安装&环境配置&启动&浏览器设置代理

    一.简述 Burp Suite是一款使用Java编写的,用于Web安全审计与扫描套件.它集成了诸多实用的小工具以完成http请求的转发/修改/扫描等,同时这些小工具之间还可以 互相协作,在BurpSu ...

  5. Burp Suite使用

    Burp Suite是Web应用程序测试的最佳工具之一,其多种功能可以帮我们执行各种任务.请求的拦截和修改,扫描web应用程序漏洞,以暴力破解登陆表单,执行会话令牌等多种的随机性检查.本文将做一个Bu ...

  6. Burp Suite Walkthrough(英文版)

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  7. Burp Suite教程(英文版)

    In this article, we are going to see another powerful framework that is used widely in pen-testing. ...

  8. Burp Suite Walkthrough

    Burp Suite is one of the best tools available for web application testing. Its wide variety of featu ...

  9. 利用Burp Suite攻击Web应用

    i春秋作家:Passerby2 web应用测试综述: Web应用漏洞给企业信息系统造成了很大的风险.许多web应用程序漏洞是由于web应用程序缺乏对输入的过滤.简而言之Web应用程序利用来自用户的某种 ...

随机推荐

  1. Linux服务器连接不上的几种解决办法

    Linux远程服务器连接不上,或连接超时解决办法:1.测试网络是否通:    ping 远程IP 2.如果能ping通则表示与服务器网络连接是正常,接下来测试端口:telnet 远程ip 端口 3.如 ...

  2. [LeetCode] 282. Expression Add Operators 表达式增加操作符

    Given a string that contains only digits 0-9 and a target value, return all possibilities to add bin ...

  3. node 单例

    ScriptManager.getInstance = function () { if (_instance != null) { return _instance; } else { return ...

  4. 解决Python查询Mysql数据库信息乱码问题

    今天尝试着用 Python 写了个脚本试着连接 mysql 数据库,并查询里边的数据,不过最终查询结果中文字符变成了ascii格式. 代码如下: #!/usr/bin/python #encoding ...

  5. Float在内存中的存储方式及IEC61131处理

    Float在内存中的存储方式及IEC61131处理 1,fp32(32bits float)类型数据在存储器中占用4Bytes存储,且遵循IEEE-754标准: 一个浮点数分三部分组成: 符号位s(1 ...

  6. 1206 雅礼集训D2题解

    A \(two\) \(1.1\) \(Description\) 你有两棵有根树,每棵各有 n 个顶点.让我们用整数 1 到 n 给每棵树的顶点编 号.两棵树的根都是顶点 1.第一棵树的边都都是蓝色 ...

  7. IP通信学习心得01

    一.物理拓扑 1. 1) 总线拓扑 特点:所有设备都处于同一个冲突域与广播域,共享相同的带宽 一次只能有一个设备传输,且两端要安装端接器. 传输介质:同轴电缆.(注:10Base5:容量10M 传输5 ...

  8. Linux下的JMeter部署及使用

    之前都是在windows环境使用JMeter,是有操作界面的.但是最近需要在Linux环境下使用,现将操作步骤记录下来 在安装JMeter之前,需要在Linux下安装JDK并配置环境变量,这里跳过 1 ...

  9. 转载:c++获取本机IP地址

    windows下获取IP地址的两种方法: 一种可以获取IPv4和IPv6,但是需要WSAStartup: 一种只能取到IPv4,但是不需要WSAStartup: 如下: 方法一:(可以获取IPv4和I ...

  10. spring boot 拦截 以及Filter和interceptor 、Aspect区别

    一.通过Filter这个大家很熟悉了吧,这是java规范的一个过滤器,他会拦截请求.在springboot中一般有两种配置方式.这种过滤器拦截并不知道你用的是哪一个Controller处理也不知道你用 ...