Learn to develop Burp Suite extensions using Jython and automation techniques in this conference talk from BSides Cleveland 2015. Explore the Extension API, create custom classes and tabs, implement callbacks and helpers, and discover essential development practices. Dive into practical examples including custom serializers, automatic match and replace functions, cookie handling, and macro creation. Gain insights on extension testing, publishing to the BApp Store, and creating custom rules to enhance your web application security testing capabilities.
Overview
Syllabus
Intro
What you need to know
What you'll learn
Where to find the Extension API
Starting from scratch: imports
Import everything else you'll need!
Starting from scratch: your first class
Callbacks and helpers, finally!
Implementing within BurpExtender
Implementing separately
Building a custom tab
Examples & resources: simple custom tab?
Examples & resources: custom serializer
Extension development and testing
BApp Store!
Automatic match it replace
Cookie handling
Creating macros
Remember to test!
Custom rules
