Testing Proxies

Switching proxies:
SwitchyOmega - Chrome proxy Switcher
SwitchyOmega - Firefox proxy Switcher

Burp

Burp Authorize Plugin
Burp script that uses version info to search for CVEs
Burp Suite extension that finds reflected XSS on a page in real time while browsing a website
Burp Suite Extensions in Python Examples
Burp Suite plugin (BApp) to aid in the detection of scripts being loaded from over 9200+ malicious cryptocurrency mining domains (cryptojacking).
NOPE TCP Proxy

Hot Keys:
Ctrl Shift T -> Scope
Ctrl Shift P -> Proxy
Ctrl Shift I -> Intruder

Project Options -> HTTP -> Redirections -> JavaScript-driven Enabled
Request Search -> Auto-scroll to match when text changes

Match and replace rules
sqli -> ' or 1=1

Macros

Make a CSRF Macro:
1. Project Options -> Macros -> Add Button
2. Select the CSRF Request ex. /api/internal/csrf/TRADE
3. Choose Extract from regex group and use a regex like "csrf_token"\:"(.*?)"\}\,"errors"

Add Macro to Session Handling:
1. Project Options -> Session Handling Rules -> Add Button
2. Change Scope in the Scope tab to limit specific API endpoints
3. Details Tab -> Rule Actions -> Add Button
4. Select Run a Macro
5. Select the Macro you made in Make a CSRF Macro
6. Check only After running the macro, invoke a Burp extension action handler; uncheck the other two check boxes
7. Select Add Custom Header from the dropdown.

Changing the Header Information:
1. Go to the Add Custom Header tab
2. Change Header Name to X-Csrf-Token
3. Change Header Value to Regular Expression with value of "csrf_token"\:"(.*?)"\}\,"errors"
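
A quick way to check the extraction regex from the steps above before relying on it in the macro and the custom header. This is an added example, not part of the original notes; the response bodies are constructed, and the JSON shape is an assumption inferred from the regex.

```python
import json
import re

# Regex copied from the macro / Add Custom Header steps above.
CSRF_RE = re.compile(r'"csrf_token"\:"(.*?)"\}\,"errors"')

# Constructed sample bodies; the JSON shape is an assumption inferred from the regex.
BODY_OK = '{"data":{"csrf_token":"c0nstructed-t0ken-123"},"errors":[]}'
BODY_REORDERED = '{"errors":[],"data":{"csrf_token":"c0nstructed-t0ken-123"}}'
BODY_SPACED = '{"data": {"csrf_token": "c0nstructed-t0ken-123"}, "errors": []}'


def extract_with_regex(body):
    """Return the token the macro regex would capture, or None if it does not match."""
    m = CSRF_RE.search(body)
    return m.group(1) if m else None


def find_key(node, key):
    """Depth-first search for `key` in parsed JSON; returns the first value found or None."""
    if isinstance(node, dict):
        if key in node:
            return node[key]
        children = node.values()
    elif isinstance(node, list):
        children = node
    else:
        return None
    for child in children:
        found = find_key(child, key)
        if found is not None:
            return found
    return None


def check_body(body):
    """Compare the regex capture with the value a JSON parser sees for csrf_token."""
    captured = extract_with_regex(body)
    expected = find_key(json.loads(body), "csrf_token")
    return {"captured": captured, "expected": expected, "ok": captured == expected and captured is not None}


if __name__ == "__main__":
    for name, body in [("ok", BODY_OK), ("reordered", BODY_REORDERED), ("spaced", BODY_SPACED)]:
        print(name, check_body(body))
```

A body where `ok` is false (reordered fields or added whitespace here) means the regex needs adjusting for that response before the session handling rule is used.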

Extensions

List of Burp Extensions
Burp Plugins
https://github.com/sting8k/BurpSuite_403Bypasser
https://github.com/bayotop/off-by-slash
https://github.com/thec00n/Uploader
https://github.com/destine21/ZIPFileRaider
https://github.com/InitRoot/BurpJSLinkFinder
Param Miner
https://github.com/kapytein/jsonp
https://github.com/elkokc/reflector
https://github.com/codewatchorg/Burp-IndicatorsOfVulnerability
https://github.com/secdec/attack-surface-detector-burp
https://github.com/wagiro/BurpBounty
File Upload Traverser
https://github.com/modzero/mod0BurpUploadScanner
https://github.com/vsec7/BurpSuite-Xkeys

Making an extension

https://security.humanativaspa.it/extending-burp-suite-for-fun-and-profit-the-montoya-way-part-4/

Race Conditions

Through Repeater:
1. Go to the Burp Repeater Tab. Click the + sign and select Add tab
2. Click on Create new group and select tabs (previously prepared requests) for the group
3. Click the down arrow on send and change it to Send group in parallel

You can use Turbo Intruder for the attack

MITMProxy

Automagically reverse-engineer REST APIs via capturing traffic
https://mitmproxy.org/posts/releases/mitmproxy9/ - WireGuard proxy