extending-burp-suite.md

Extending Burp Suite

Setting up the Ruby environment for Burp Extensions

1. Download a stable version of JRuby from JRuby Downloads
2. Select the jar for Linux (JRuby x.x.x Complete .jar) or Executable for Windows.
3. Import the environment from Burp Suite >> Extender >> Options >> Ruby Environment.

Import the Burp Suite Extender Core API IBurpExtender

{% code title="alert.rb" %}

require 'java'
java_import 'burp.IBurpExtender'

class BurpExtender
  include IBurpExtender

  def registerExtenderCallbacks(callbacks)
    callbacks.setExtensionName("Rubyfu Alert!")
    callbacks.issueAlert("Alert: Ruby goes evil!")
  end
end

{% endcode %}

Load the plugin alert.rb

Check Alerts tab

Burp Suite Extension in Ruby template initiative

As Rubyfu project keeps groing, we've decided to develope our vesion of make a solid place for Ruby in the information security community. We've deceided to build a repository that makes building a Burp Suite extension in Ruby is very easy and understandable. Repository link

Buby

Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.

Resources

• Burp Suite Extender API Documentations [ link ]
• Step by step Ruby-based Burp Extension for JSON Encryption/Decryption [ Part 1 | Part 2 ]
• Buby [ website | rdoc ]
• Extensions written in Ruby [ WhatThWAF ]
• Burp suite Scripting with Buby [ Link ]