A simple Burp Suite extension to extract datas from source code

Last update: Dec 31, 2022

Overview

DataExtractor

A simple Burp Suite extension to extract datas from source code.

Features

in scope parsing
file extensions to ignore
files exclusion based on regexp
multi tabs for multiple purpose
datas extraction based on regexp
datas exclusion based on regexp
datas export

Install

First of all, ensure you have JPython loaded and setup before installing.

clone this repository
in the Extender tab, click the button "Add"
set "Extension type" to "Python"
browse to the cloned folder and select DataExtractor.py as the "Extension file"

The extension should load and is now ready to perform a passive scan.

Screenshots

You might also like...

log4j burp scanner

log4jscanner log4j burp插件特点如下： 0x01 基于Cookie字段、XFF头字段、UA头字段发送payload 0x02 基于域名的唯一性，将host带入dnslog中插件主要识别五种形式： 1.get请求，a=1&b=2&c=3 2.post请求，a=1&b=2&c=

1 Jun 30, 2022

log4j2 passive burp rce scanning tool get post cookie full parameter recognition

log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别，在ceye.io api速率限制下，最大线程扫描每一个参数，记录过滤已检测地址，重复地址 token替换为你自己的http://ceye.io/ token 和域名地址

5 Dec 10, 2021

PortSwigger Burp Plugin for the Log4j (CVE-2021-44228)

yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log

1 Jan 31, 2022

This a simple tool XSS Detection Suite for CTFs games

2 Nov 24, 2021

A DOM-based G-Suite password sprayer and user enumerator

1 Apr 7, 2022

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

136 Dec 13, 2022

A tool to extract the IdP cert from vCenter backups and log in as Administrator

vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin

343 Dec 31, 2022

Python library to remotely extract credentials on a set of hosts.

1.5k Dec 31, 2022

This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to

3 Sep 3, 2022

Comments

Feature request

Hi I really love this tool. But is it possible to add options like "Send to DataExtrator" so I can spicificly can resend old endpoints that I dont want to revisit.

opened by iamRjarpan 2

Releases(v1.1.0)

v1.1.0(Dec 2, 2022)

Source code(tar.gz)
Source code(zip)

Owner

Gwendal Le Coguic

Bug hunter, tool maker.

GitHub Repository

Proof of concept GnuCash Webinterface

Proof of Concept GnuCash Webinterface This may one day be a something truly great. Milestones [ ] Browse accounts and view transactions [ ] Record sim

14 Dec 28, 2022

Malware-analysis-writeups - Some of my Malware Analysis writeups

About This repo contains some malware analysis writeups i've created over time m

14 Jun 22, 2022

Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

31 Oct 21, 2022

CVE-2021-26084 Remote Code Execution on Confluence Servers

CVE-2021-26084 CVE-2021-26084 Remote Code Execution on Confluence Servers. Dork Fofa: app="ATLASSIAN-Confluence" Usage Show help information. python P

63 Dec 30, 2022

Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

22 Dec 04, 2022

Tools for converting Nintendo DS binaries to an ELF file for Ghidra/IDA

nds2elf Requirements nds2elf.py uses LIEF and template.elf to form a new binary. LIEF is available via pip: pip3 install lief Usage DSi and DSi-enhan

17 Aug 14, 2022

labsecurity is a framework and its use is for ethical hacking and computer security

labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If

16 Dec 08, 2022

An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.

Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py

39 Nov 21, 2022

Extendable payload obfuscation and delivery framework

NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently

123 Dec 19, 2022

Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu

1 Jan 24, 2022

Tool ini berfungsi untuk membuat virus secara instan

vbug (ID) Tool ini berfungsi untuk membuat virus secara instan. Dengan begitu pengguna vbug maker dapat menggunakannya dengan mudah dan cepat. Di dala

3 Jun 05, 2022

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.

This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where t

5 May 31, 2022

A deobfuscator for multiple python obfuscators

PY4COC A deobfuscator for multiple python obfuscators, supports exe's packed with pyinstaller too. How to use python3 py4coc.py exe file or py file o

16 Dec 03, 2022

Hack computer in the form of RAR files from all types of clients, even Linux

Program Features 📌 Hide malware 📌 Vulnerability software vulnerabilities RAR 📌 Creating malware 📌 Access client files 📌 Client Hacking 📌 Link Do

5 Nov 25, 2022

Discord-email-spammer-exploit - A discord email spammer exploit with python

Discord-email-spammer-exploit was made by Love ❌ code ✅ 🎈 ・Description First it

25 Aug 13, 2022

Threat Intelligence Gathering 威胁情报收集，旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。

0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集，旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率，目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块，现已支持以下信息的查询： ✅ 微步标签 ✅ I

698 Dec 09, 2022

Chromepass - Hacking Chrome Saved Passwords

Chromepass - Hacking Chrome Saved Passwords and Cookies View Demo · Report Bug · Request Feature Table of Contents About the Project AV Detection Gett

622 Jan 04, 2023

Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1

CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1 The getPasswordPolicy method is vulnerable to NoS

47 Nov 09, 2022

This is a keylogger in python for Windows, Mac and Linux!

Python-Keylogger This is a keylogger in python for Windows, Mac and Linux! #How to use it by downloading the zip file? Download the zip file first The

2 Nov 12, 2021

An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.

RonnieColemanYARAParser This script is named after Ronnie Coleman, and peforms bulk lifts on arbitary file features using YARA console logging. Requir

20 Dec 13, 2022