Buby – Extending PortSwigger Burp Suite through JRuby.

Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp’s pure Java extension interface.

Features/Problems :

  • Intercept and log proxied requests and responses via Burp into Ruby and perform arbitrary processing on them.
  • Modify requests and responses in-line using Ruby scripts.
  • Pass requests and other information from JRuby to various sub-interfaces in Burp
  • Use the Burp framework for active and passive scanning using arbitrary requests and responses.
  • Use the Burp framework for making arbitrary HTTP requests

Buby is implemented using an abstract Ruby event handler and interface class. The Buby Ruby class is back-ended with a minimal BurpExtender class implemented in Java. The java code is required to conform to nuances in the Burp extension interface and while it’s in the pure Java runtime, it acts as ‘glue’ where deemed appropriate, but otherwise tries to stay out of the way.

The java BurpExtender included with Buby is an implementation of IBurpExtender which is the interface API supplied by PortSwigger for writing extensions to Burp Suite. It mostly acts as a method proxy between Ruby and Java, doing very little except event handler proxying between the java and ruby runtimes with run-time type conversion as needed.

Read more in here

Download Version :    – download as zip       – download as tar.gz

Advertisements

5 Comments

  1. Thanks for each of your hard work on this site. My mom enjoys doing investigations and it is simple to grasp why. A number of us know all regarding the compelling method you render very helpful techniques via this website and as well encourage participation from other individuals on the theme then my child is certainly starting to learn so much. Have fun with the rest of the year. You’re the one doing a fabulous job.

  2. I am lucky that I found this website , just the right info that I was looking for! .

  3. Nice article Thank You very Much!!

  4. I am not really wonderful with English but I line up this very easy to read .

  5. Super article!


Sorry, the comment form is closed at this time.

Comments RSS