1.0. OverView

AutoMacroBuilder Extension for burpSuite

1.0. Overview

AutoMacroBuilder provides various functions for vulnerability tests of multi-step sequence of request.

For details, refer to the sidebar menu on the right.

• Basic usage
  • Like the burpsuite Macro function, record and play back the sequence of requests as Macro. You can test each request in Macro with burpsuite 's Repeater / intruder / scanner tool.
  • Simply select the request you want to test and select the SendTo Repeater / Intruder / Scanner menu, then AutoMacroBuilder will perform a set of request sequece and tracking tokens/cookies.
  • The anti-CSRF token parameter is extracted from the sequence response. Click the [Track] button to display the parameter list, and the setting is completed simply by selecting the parameter to be tracked.
• Custom function
  • Parameter extract with regex
    if Parameters that are difficult to extract with the basic functions, they can be extracted from the response with the regular expressions.
  • Incremental numeric parameter setting
    You can embed the incremental numeric value to the request parameter. It can be used when it is necessary to set a unique value for each running.
  • CSV column parameter setting
    You can set the value of the specified column in the CSV file to the request parameter. By saving value such as the registration code of a gift campaign site in the CSV file,It can be used when a unique registered value is required for each page crawling.

Coming soon.. features below..

• [AutoMacroBuilder for OWASP ZAP]AutoMacroBuilder for OWASP ZAP will appear in the near future.

• [Scan Macro]Automatically scan each request in MacroBuilder's "Macro Request List" with scanner.

• Set the date and time of the current date and time in the format specified in the parameter. For each execution, set to the parameter that needs updating the current date and time.