Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.
Burp Extension: Copy As FFUF
Description
ffuf (https://github.com/ffuf/ffuf) is gaining a lot of traction within the infosec community as a fast portable web fuzzer. It has been compared and aligned (kinda) to Burp's Intruder functionality. Thus, Copy As FFUF is trying to build that interoperatability bridge between the two.
Features
- Piping the copied request to a
request.httpfile and build a skeletonffufcommand
TODO
-
Extend the functionality with additional right-click menu items, like:
- Create a
Copy as FFUFsubmenu - Copy request and use Burp proxy for verification
Copy as FFUF skeleton, verify via Burp" - Copy request and use Burp proxy for the attack
Copy as FFUF skeleton, proxy via Burp"
- Create a
-
Maybe add a simple UI allowing to configure a path to wordlists
Requirements
- Python environment / Jython for Burp Suite
Installation
- Check if jython standalone is present in
Extender -> Options -> Python Environment - Load the extention
Extender -> Extensions -> Add -> select path to CopyAsFFUF.py
Hopefully at some point PortSwigger with make it available in the bApp store
Known Issue
TODO
Author
- d3k4z