Getting Started with Burp Suite – Browser Setup

Burp is a Java-based application that can be downloaded from the PortSwigger website. There is a limited-use free version, along with paid versions. For this write-up, I’ll be using the free version. You can also use Kali Linux, where Burp is already installed. In Kali, you can launch Burp by selecting the icon in the dock. You may receive a warning about the installed version of Java – this is ok to ignore. You may also be informed of an update for Burp; this is also safe to ignore for now, but it’s usually best to…


Finding Usernames with Burp Extensions

What Does this Extension Do? This is a relatively simple Burp extension that I created a while back to learn more about how to actually create extensions. The functionality is straightforward: it parses the HTML looking for email addresses. Additionally, it can generate usernames from the list of emails found. The ideal use case is when a website (or organization) uses the first.last@organization.com format – as some combination of the first and last name will also serve as their username. For example, jane.doe@example.com may have the following usernames: jane.doe, jdoe, doej, doe. You can find a demonstration of this extension in…
