Skip to content

README.md

Latest commit

 

History

History
127 lines (85 loc) · 4.27 KB

README.md

File metadata and controls

127 lines (85 loc) · 4.27 KB

Copy as Python aiohttp

Github top language Github language count Repository size License

About   |   Features   |   Technologies   |   Building   |   Starting   |   Usage   |   License   |   Author


🐍 About

A Burp extension to generate async Python code from HTTP requests.

This extension generates different flavors of scripts (e.g. with/without session, with/without main function).

The resulting codes have been tested with Python 3.14.3 but they should work with other versions as well.

✨ Features

✔️ Generate individual async functions from requests;
✔️ Combine multiple requests into a single session;
✔️ Generate async script for password spraying attacks.

🚀 Technologies

The following tools and technologies were used in this project:

🔨 Building

Before starting 🏁, you need to have Git and Java installed.

# Clone this project
$ git clone https://github.com/y0k4i-1337/copy-as-python-aiohttp

# Access
$ cd copy-as-python-aiohttp

For MacOS and Linux:

# Build the project
$ ./gradlew build

For Windows:

# Build the project
$ ./gradlew.bat build

Once built, you can add the resulting fat Jar file into your Burp extensions. The file will be located at

./copy-as-python-aiohttp/build/libs/copy-as-python-aiohttp-MAJOR.MINOR.PATCH-fat.jar

📖 Usage

Before using the resulting snippet, make sure to install the required dependencies with:

pip install 'aiohttp[speedups]' aiofiles aiocsv

Once the extension is loaded in Burp, you can right-click on any HTTP requests and select the "Copy as Python aiohttp" option to generate the corresponding Python code.

There are four different options to choose from in the main context menu:

  • "Copy requests": generates individual async functions for each selected request.
  • "Copy requests with session object": generates individual async functions for each selected request where a session object is passed as an argument to the function.
  • "Generate script" submenu: has the same options as above but combines all the requests into a single script with a main function.
  • "Generate password spraying template": generates a template script for password spraying attacks.

Remember to customize the generated code as needed, especially the password spraying template, which is meant to be a starting point for your attacks.

📝 License

This project is under license from MIT. For more details, see the LICENSE file.

Made with ❤️ by y0k4i

 

Back to top