What Does this Extension Do?
This is a relatively simple Burp extension that I created a while back to learn more about how to actually create extensions. The functionality is straight-forward: it parses the HTML looking for email addresses. Additionally, it can generate usernames from the list of emails found. The ideal use case is when an website (or organization) uses email@example.com format – as some combination of the first and last name will also serve as their username. For example, firstname.lastname@example.org may have the following usernames:
What Can’t it Do?
Well, there is quite a bit it doesn’t do and plenty of room for improvement. The email parsing is done by simple regular expression – which means that it can likely be improved upon. It only parses a single HTTP response, harvesting emails from an entire website would be far more useful. The output is only directed to the output tab in Burp – it could be saved to a file for use with other tools. I mainly developed this for my own edification on Burp extensions and made it available in the hopes that someone else mind find it useful for their own learning.
It’s also worth noting that the logic contained within the extension could be easily adapted to look for other data. In fact, this may be a feature that Burp already contains, I was just too lazy to go looking for it 🙂
The original idea for creating this extension, along with the knowledge to get started came from Black Hat Python by Justin Seitz. In this book, it covers creating Burp extensions to expand Burp functionality and automate tasks.
Test Data for the Demo….