Writing Burp Suite Macros and Plugins

Learn how to write Burp Suite macros and extensions in different languages. Understand the Burp API, its supporting classes and structure in order to equip yourself in writing customized Burp functionality for your developer and pentester needs.
Course info
Level
Advanced
Updated
Nov 20, 2017
Duration
2h 49m
Table of contents
Description
Course info
Level
Advanced
Updated
Nov 20, 2017
Duration
2h 49m
Description

Harness the power of Burp Suite to cater to all of your pentesting needs. In this course, Writing Burp Suite Macros and Plugins, you will learn how to create customized Burp Suite functionality that fits any special business requirement. First, you will uncover the secrets of using Burp Macros to assist you with automated testing. Then, you will dive into how you can write Burp Extensions in both Java and Python languages. Next, you will cover Burp Macros for automating Logins, populating CSRF tokens, and solving CAPTCHA puzzles. Additionally, you will gain an understanding of the Burp API in Java and Python languages by looking at several examples of Burp plugins along with challenge exercises for you to complete in writing Burp extensions. Finally, you will learn how to automate Burp Macros and Extensions into your DevOps build process. By the end this course, you will know how to perform these techniques at a comfortable and efficient level to better perform your job as a pen tester or developer.

About the author
About the author

Sunny Wear, CISSP, GWAPT, GSSP-JAVA, CEH, CSSLP is an Application Security Architect and developer. Her breadth of experience includes network, data, application, and security architecture as well as programming across multiple languages and platforms. In her 20 years of professional experience, she has participated in the design and creation of many enterprise applications as well as the security testing aspects of platforms and services.

More from the author
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Sunny Wear, and welcome to my course Writing Burp Suite Macros and Plugins. I'm a security architect and a web app penetration tester at a large financial services company. Are you curious how you can hone the power of Burp Suite to cater to your needs? Maybe you are actively working with Burp Suite, but find yourself wanting to create some custom functionality that fits a special business requirement. If that's the case, then this course is for you. This course is designed to teach you how to create custom Burp plugins. We will uncover the secrets of using Burp macros to assist you with automated testing. Then we will go into how you can write Burp extensions in both Java and Python languages. Some of the major topics that we will cover include Burp macros, used for automating logins, populating CSRF tokens, and solving CAPTCHA puzzles, understanding the Burp API in Java and Python, we're going to take a look at several examples of Burp plugins in both Java and Python, and then you're going to be challenged with exercises that you'll need to complete in which you will be writing Burp extensions in Java and Python. And then finally, we're going to look at using the automation of Burp macros and Burp extensions and incorporating those into your DevOps build process. By the end of this course, you'll know how to perform these techniques at a comfortable and efficient level to better perform your job as a pen tester or as a developer. Before beginning the course, you should be very familiar with Burp and its features in order to get the most out of this material. I hope you'll join me on this journey to learn how to become a great web app pen tester with the Writing Burp Suite Macros and Plugins course at Pluralsight.