LOGGER:INTRODUCTION

Burpsuite Logger is a network recording tool. It logs the traffic generated by burp for examination. It displays a log of all HTTP traffic sent between all Burps tools and your target website.

LOGGING AND MEMORY

It records traffic up to the assigned memory limit. The memory size is set to 50 megabytes by default, but it can be modified to infinite. When the limit is reached, the logger discards the oldest entries as new ones are created.

LOGGER FUNCTIONALITY

These are read-only but they have the full functionality, including the inspector. We can also send the content of logger entries to wherever we want, like repeater and intruder. The information from entries will be made available in different columns.

EXPORT LOGGER ENTRIES AS CSV

To summarise, if we wish to export the logger entries as a CSV file, we must first choose the entries we want, then right-click and choose export as CSV.

TASK LOGGER/LOGGER CONFIGURATION

Essentially, the logger catches traffic from the entire Burp Suite. A task logger performs similar functions as a burp logger, but it allocates memory differently. It has the same viewing and capture options as a burp logger and gives asseverate controls to ensure it captures and shows.

EXTENDER:INTRODUCTION

In this tab, the Extender enhances the capabilities of Burp by installing extensions made by which extensions can modify HTTP requests and replies, send additional HTTP requests, and other options are available. The page of Extender shown below contains options that are simple to understand.

BAPP STORE

Let us now discuss the Bapp shop, which contains community-created extensions. We can access the Bapp store through an extender.

Simply click on install to install any extension. However, keep in mind that some are built in Python and Ruby. So, we must download JRuby and Jython and update or upgrade the Burp suite.

EXTENSION DETAILS

The extension’s standard output stream is described on the Output tab. The same details about the standard error stream are available on the Error tab. A user can specify for each stream whether the application’s output should go to a file, the system console, or the user interface (UI). Burp has been assigned to extensions that are accessible programmatically using the extensibility API, and extensions are in charge of sending their output and error messages there. No matter the parameters provided here, extensions that disregard this may send output straight to the system console.

MANAGING EXTENSIONS

Clients can also see the list of extensions that are installed, as shown below, and users can add and remove them. Requests and responses are routed through the extension in the order in which they appear. In addition, users may install Burp Suite from an external shop by just clicking the Add button, and we can add the filter from an external Bapp store website.

BURP EXTENDER API

In summary, the work of APIs is to design our own extensions and tailor them to burp behaviour. The ApI details are accessible for constructing a Burp extension. The list below shows the available versions of Burp running.

SETTINGS

• Java environment-This permits us to configure the environment for executing Java extensions. We can also load certain libraries that can be found in a folder. Burp can also look for JAR files in subfolders.
• Python environment- These options allow you to tailor the environment in which Python extensions run. To utilize Python extensions, you must first download Python, a Python interpreter written in Java.
• Ruby environment-These options allow you to establish the environment for executing Ruby extensions. To use Ruby extensions, you must first download JRuby, a Ruby interpreter written in Java.

Thanks for visiting, Hope you enjoyed the BurpSuite Logger Secrets for Pentesters blog.

The post BurpSuite Logger Secrets for Pentesters (PART-8) appeared first on CertCube Labs.