-
-
Notifications
You must be signed in to change notification settings - Fork 0
1.0. OverView
Chikara Daike edited this page Aug 18, 2018
·
27 revisions
AutoMacroBuilder Extension for burpSuite
1.0. Overview
AutoMacroBuilder provides various functions for vulnerability tests of multi-step sequence of request.
- 1.2. Basic usage
- Like the burpsuite Macro function, record and play back the sequence of requests as Macro. You can test each request in Macro with burpsuite 's Repeater / intruder / scanner tool.
- In burpsuite Macro, it is necessary to modify Macro every time it tests each request in Macro but in this function it is not necessary. Simply select the request you want to test and select the SendTo Repeater / Intruder / Scanner menu.
- The anti-CSRF token parameter is extracted from the sequence response. Click the [Track] button to display the parameter list, and the setting is completed simply by selecting the parameter to be tracked.
- if Parameters that are difficult to extract, they can be extracted from the response with the regular expression editor.
- You can set the ascending numeric value for the parameter. It can be used when it is necessary to set a unique value for each running.
- As the parameter, you can set the specified column value in the CSV file. It can be used when a unique value is required for each running, such as the winning code of a gift campaign site.