diff --git a/burp-suite-project-settings.json b/burp-suite-project-settings.json
new file mode 100644
index 0000000..3997160
--- /dev/null
+++ b/burp-suite-project-settings.json
@@ -0,0 +1,665 @@
+{
+ "logger":{
+ "capture_filter":{
+ "by_mime_type":{
+ "capture_css":true,
+ "capture_flash":true,
+ "capture_html":true,
+ "capture_images":true,
+ "capture_other_binary":true,
+ "capture_other_text":true,
+ "capture_script":true,
+ "capture_xml":true
+ },
+ "by_request_type":{
+ "capture_only_in_scope_items":false,
+ "capture_only_parameterized_requests":false,
+ "discard_items_without_responses":false
+ },
+ "by_search":{
+ "case_sensitive":false,
+ "negative_search":false,
+ "regex":false,
+ "term":""
+ },
+ "by_status_code":{
+ "capture_2xx":true,
+ "capture_3xx":true,
+ "capture_4xx":true,
+ "capture_5xx":true
+ },
+ "by_tool":{
+ "capture_extender":true,
+ "capture_intruder":true,
+ "capture_proxy":true,
+ "capture_repeater":true,
+ "capture_scanner":true,
+ "capture_sequencer":true,
+ "capture_target":true
+ },
+ "capture_enabled":false,
+ "capture_memory_limit_mb":100,
+ "limit_request_response_size":{
+ "capture_requests_up_to":"1MB",
+ "capture_responses_up_to":"1MB"
+ },
+ "session_handling":{
+ "ignore_session_handling_requests":false
+ },
+ "task_capture_memory_limit_mb":20
+ },
+ "display_filter":{
+ "by_annotation":{
+ "show_only_commented_items":false,
+ "show_only_highlighted_items":false
+ },
+ "by_file_extension":{
+ "hide_items":[
+ "js",
+ "gif",
+ "jpg",
+ "png",
+ "css"
+ ],
+ "hide_specific":false,
+ "show_items":[
+ "asp",
+ "aspx",
+ "jsp",
+ "php"
+ ],
+ "show_only_specific":false
+ },
+ "by_mime_type":{
+ "show_css":true,
+ "show_flash":true,
+ "show_html":true,
+ "show_images":true,
+ "show_other_binary":true,
+ "show_other_text":true,
+ "show_script":true,
+ "show_xml":true
+ },
+ "by_request_type":{
+ "hide_items_without_responses":false,
+ "show_only_in_scope_items":false,
+ "show_only_parameterized_requests":false
+ },
+ "by_search":{
+ "case_sensitive":false,
+ "negative_search":false,
+ "regex":false,
+ "term":""
+ },
+ "by_status_code":{
+ "show_2xx":true,
+ "show_3xx":true,
+ "show_4xx":true,
+ "show_5xx":true
+ },
+ "by_tool":{
+ "show_extender":true,
+ "show_intruder":true,
+ "show_proxy":true,
+ "show_repeater":true,
+ "show_scanner":true,
+ "show_sequencer":true,
+ "show_target":true
+ }
+ }
+ },
+ "project_options":{
+ "connections":{
+ "hostname_resolution":[],
+ "out_of_scope_requests":{
+ "advanced_mode":false,
+ "drop_all_out_of_scope":false,
+ "exclude":[],
+ "include":[],
+ "scope_option":"suite"
+ },
+ "platform_authentication":{
+ "credentials":[],
+ "do_platform_authentication":true,
+ "prompt_on_authentication_failure":false,
+ "use_user_options":true
+ },
+ "socks_proxy":{
+ "dns_over_socks":false,
+ "host":"",
+ "password":"",
+ "port":0,
+ "use_proxy":false,
+ "use_user_options":true,
+ "username":""
+ },
+ "timeouts":{
+ "connect_timeout":1000,
+ "domain_name_resolution_timeout":1000,
+ "failed_domain_name_resolution_timeout":3000,
+ "normal_timeout":3000,
+ "open_ended_response_timeout":5000
+ },
+ "upstream_proxy":{
+ "servers":[],
+ "use_user_options":true
+ }
+ },
+ "http":{
+ "http1":{
+ "enable_keep_alive":false
+ },
+ "http2":{
+ "enable_http2":true
+ },
+ "redirections":{
+ "understand_3xx_status_code":true,
+ "understand_any_status_code_with_location_header":false,
+ "understand_javascript_driven":false,
+ "understand_meta_refresh_tag":true,
+ "understand_refresh_header":true
+ },
+ "status_100_responses":{
+ "remove_100_continue_responses":false,
+ "understand_100_continue_responses":true
+ },
+ "streaming_responses":{
+ "scope_advanced_mode":false,
+ "store":true,
+ "strip_chunked_encoding_metadata":true,
+ "urls":[]
+ }
+ },
+ "misc":{
+ "collaborator_server":{
+ "location":"",
+ "poll_over_unencrypted_http":false,
+ "polling_location":"",
+ "type":"default"
+ },
+ "embedded_browser":{
+ "allow_running_without_sandbox":false,
+ "disable_gpu":false
+ },
+ "logging":{
+ "requests":{
+ "all_tools":"",
+ "extender":"",
+ "intruder":"",
+ "proxy":"",
+ "repeater":"",
+ "scanner":"",
+ "sequencer":""
+ },
+ "responses":{
+ "all_tools":"",
+ "extender":"",
+ "intruder":"",
+ "proxy":"",
+ "repeater":"",
+ "scanner":"",
+ "sequencer":""
+ }
+ },
+ "scheduled_tasks":{
+ "tasks":[]
+ }
+ },
+ "sessions":{
+ "cookie_jar":{
+ "monitor_extender":false,
+ "monitor_intruder":false,
+ "monitor_proxy":true,
+ "monitor_repeater":false,
+ "monitor_scanner":false,
+ "monitor_sequencer":false
+ },
+ "macros":{
+ "macros":[]
+ },
+ "session_handling_rules":{
+ "rules":[
+ {
+ "actions":[
+ {
+ "enabled":true,
+ "match_cookies":"all_except",
+ "type":"use_cookies"
+ }
+ ],
+ "description":"Use cookies from Burp's cookie jar",
+ "enabled":true,
+ "exclude_from_scope":[],
+ "include_in_scope":[],
+ "named_params":[],
+ "restrict_scope_to_named_params":false,
+ "tools_scope":[
+ "Scanner"
+ ],
+ "url_scope":"all",
+ "url_scope_advanced_mode":false
+ }
+ ]
+ }
+ },
+ "ssl":{
+ "client_certificates":{
+ "certificates":[],
+ "use_user_options":true
+ },
+ "negotiation":{
+ "allow_unsafe_renegotiation":false,
+ "disable_ssl_session_resume":false,
+ "enabled_ciphers":[],
+ "enabled_protocols":[],
+ "enforce_upstream_trust":false,
+ "tls_negotiation_behavior":"use_all_supported"
+ }
+ }
+ },
+ "proxy":{
+ "http_history_display_filter":{
+ "by_annotation":{
+ "show_only_commented_items":false,
+ "show_only_highlighted_items":false
+ },
+ "by_file_extension":{
+ "hide_items":[
+ "js",
+ "gif",
+ "jpg",
+ "png",
+ "css",
+ "svg",
+ "ttf",
+ "woff",
+ "webp",
+ "ico"
+ ],
+ "hide_specific":true,
+ "show_items":[
+ "asp",
+ "aspx",
+ "jsp",
+ "php"
+ ],
+ "show_only_specific":false
+ },
+ "by_listener":{
+ "port":""
+ },
+ "by_mime_type":{
+ "show_css":false,
+ "show_flash":true,
+ "show_html":false,
+ "show_images":false,
+ "show_other_binary":false,
+ "show_other_text":true,
+ "show_script":true,
+ "show_xml":true
+ },
+ "by_request_type":{
+ "hide_items_without_responses":false,
+ "show_only_in_scope_items":false,
+ "show_only_parameterized_requests":false
+ },
+ "by_search":{
+ "case_sensitive":false,
+ "negative_search":false,
+ "regex":false,
+ "term":""
+ },
+ "by_status_code":{
+ "show_2xx":true,
+ "show_3xx":true,
+ "show_4xx":true,
+ "show_5xx":true
+ }
+ },
+ "intercept_client_requests":{
+ "automatically_fix_missing_or_superfluous_new_lines_at_end_of_request":false,
+ "automatically_update_content_length_header_when_the_request_is_edited":true,
+ "do_intercept":true,
+ "rules":[
+ {
+ "boolean_operator":"and",
+ "enabled":true,
+ "match_condition":"(^gif$|^jpg$|^png$|^css$|^js$|^ico$|^svg$|^eot$|^woff$|^woff2$|^ttf$)",
+ "match_relationship":"does_not_match",
+ "match_type":"file_extension"
+ },
+ {
+ "boolean_operator":"or",
+ "enabled":false,
+ "match_relationship":"contains_parameters",
+ "match_type":"request"
+ },
+ {
+ "boolean_operator":"or",
+ "enabled":false,
+ "match_condition":"(get|post)",
+ "match_relationship":"does_not_match",
+ "match_type":"http_method"
+ },
+ {
+ "boolean_operator":"and",
+ "enabled":false,
+ "match_relationship":"is_in_target_scope",
+ "match_type":"url"
+ }
+ ]
+ },
+ "intercept_server_responses":{
+ "automatically_update_content_length_header_when_the_response_is_edited":true,
+ "do_intercept":false,
+ "rules":[
+ {
+ "boolean_operator":"or",
+ "enabled":true,
+ "match_condition":"text",
+ "match_relationship":"matches",
+ "match_type":"content_type_header"
+ },
+ {
+ "boolean_operator":"or",
+ "enabled":false,
+ "match_relationship":"was_modified",
+ "match_type":"request"
+ },
+ {
+ "boolean_operator":"or",
+ "enabled":false,
+ "match_relationship":"was_intercepted",
+ "match_type":"request"
+ },
+ {
+ "boolean_operator":"and",
+ "enabled":false,
+ "match_condition":"^304$",
+ "match_relationship":"does_not_match",
+ "match_type":"status_code"
+ },
+ {
+ "boolean_operator":"and",
+ "enabled":false,
+ "match_relationship":"is_in_target_scope",
+ "match_type":"url"
+ }
+ ]
+ },
+ "intercept_web_sockets_messages":{
+ "client_to_server_messages":true,
+ "server_to_client_messages":true
+ },
+ "match_replace_rules":[
+ {
+ "comment":"Emulate IE",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^User-Agent.*$",
+ "string_replace":"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
+ },
+ {
+ "comment":"Emulate iOS",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^User-Agent.*$",
+ "string_replace":"User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B176 Safari/7534.48.3"
+ },
+ {
+ "comment":"Emulate Android",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^User-Agent.*$",
+ "string_replace":"User-Agent: Mozilla/5.0 (Linux; U; Android 2.2; en-us; Droid Build/FRG22D) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
+ },
+ {
+ "comment":"Require non-cached response",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^If-Modified-Since.*$"
+ },
+ {
+ "comment":"Require non-cached response",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^If-None-Match.*$"
+ },
+ {
+ "comment":"Hide Referer header",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^Referer.*$"
+ },
+ {
+ "comment":"Require non-compressed responses",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^Accept-Encoding.*$"
+ },
+ {
+ "comment":"Ignore cookies",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"response_header",
+ "string_match":"^Set-Cookie.*$"
+ },
+ {
+ "comment":"Rewrite Host header",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"request_header",
+ "string_match":"^Host: foo.example.org$",
+ "string_replace":"Host: bar.example.org"
+ },
+ {
+ "comment":"Add spoofed CORS origin",
+ "enabled":false,
+ "is_simple_match":true,
+ "rule_type":"request_header",
+ "string_replace":"Origin: foo.example.org"
+ },
+ {
+ "comment":"Remove HSTS headers",
+ "enabled":false,
+ "is_simple_match":false,
+ "rule_type":"response_header",
+ "string_match":"^Strict\\-Transport\\-Security.*$"
+ },
+ {
+ "comment":"Disable browser XSS protection",
+ "enabled":false,
+ "is_simple_match":true,
+ "rule_type":"response_header",
+ "string_replace":"X-XSS-Protection: 0"
+ }
+ ],
+ "miscellaneous":{
+ "disable_logging_to_history_and_site_map":false,
+ "disable_out_of_scope_logging_to_history_and_site_map":false,
+ "disable_web_interface":false,
+ "remove_unsupported_encodings_from_accept_encoding_headers_in_incoming_requests":true,
+ "set_connection_close_header_on_responses":false,
+ "set_connection_header_on_requests":true,
+ "strip_proxy_headers_in_incoming_requests":true,
+ "strip_sec_websocket_extensions_headers_in_incoming_requests":true,
+ "suppress_burp_error_messages_in_browser":false,
+ "unpack_gzip_deflate_in_requests":false,
+ "unpack_gzip_deflate_in_responses":true,
+ "use_http_10_in_requests_to_server":false,
+ "use_http_10_in_responses_to_client":false
+ },
+ "request_listeners":[
+ {
+ "certificate_mode":"per_host",
+ "custom_tls_protocols":[],
+ "enable_http2":true,
+ "listen_mode":"loopback_only",
+ "listener_port":8080,
+ "running":true,
+ "use_custom_tls_protocols":false
+ },
+ {
+ "certificate_mode":"per_host",
+ "custom_tls_protocols":[
+ "TLSv1",
+ "TLSv1.1",
+ "TLSv1.2",
+ "TLSv1.3"
+ ],
+ "enable_http2":true,
+ "listen_mode":"loopback_only",
+ "listener_port":9090,
+ "running":true,
+ "use_custom_tls_protocols":false
+ }
+ ],
+ "response_modification":{
+ "convert_https_links_to_http":false,
+ "enable_disabled_form_fields":false,
+ "highlight_unhidden_fields":false,
+ "remove_all_javascript":false,
+ "remove_input_field_length_limits":false,
+ "remove_javascript_form_validation":false,
+ "remove_object_tags":false,
+ "remove_secure_flag_from_cookies":false,
+ "unhide_hidden_form_fields":false
+ },
+ "ssl_pass_through":{
+ "automatically_add_entries_on_client_ssl_negotiation_failure":false,
+ "rules":[]
+ },
+ "web_sockets_history_display_filter":{
+ "by_annotation":{
+ "show_only_commented_items":false,
+ "show_only_highlighted_items":false
+ },
+ "by_listener":{
+ "listener_port":""
+ },
+ "by_request_type":{
+ "hide_incoming_messages":false,
+ "hide_outgoing_messages":false,
+ "show_only_in_scope_items":false
+ },
+ "by_search":{
+ "case_sensitive":false,
+ "negative_search":false,
+ "regex":false,
+ "term":""
+ }
+ }
+ },
+ "repeater":{
+ "allow_http2_alpn_override":false,
+ "enable_http1_keep_alive":false,
+ "enable_http2_connection_reuse":true,
+ "enforce_protocol_in_redirections":false,
+ "follow_redirections":"never",
+ "normalize_line_endings":true,
+ "process_cookies_in_redirections":false,
+ "strip_connection_header_over_http2":true,
+ "unpack_gzip_deflate":true,
+ "update_content_length":true
+ },
+ "sequencer":{
+ "live_capture":{
+ "ignore_abnormal_length_tokens":true,
+ "max_length_deviation":5,
+ "num_threads":5,
+ "throttle":0
+ },
+ "token_analysis":{
+ "compression":true,
+ "correlation":true,
+ "count":true,
+ "fips_long_run":true,
+ "fips_monobit":true,
+ "fips_poker":true,
+ "fips_runs":true,
+ "spectral":true,
+ "transitions":true
+ },
+ "token_handling":{
+ "base_64_decode_before_analyzing":false,
+ "pad_short_tokens_at":"start",
+ "pad_with":"0"
+ }
+ },
+ "target":{
+ "filter":{
+ "by_annotation":{
+ "show_only_commented_items":false,
+ "show_only_highlighted_items":false
+ },
+ "by_file_extension":{
+ "hide_items":[
+ "js",
+ "gif",
+ "jpg",
+ "png",
+ "css"
+ ],
+ "hide_specific":false,
+ "show_items":[
+ "asp",
+ "aspx",
+ "jsp",
+ "php"
+ ],
+ "show_only_specific":false
+ },
+ "by_folders":{
+ "hide_empty_folders":true
+ },
+ "by_mime_type":{
+ "show_css":false,
+ "show_flash":true,
+ "show_html":true,
+ "show_images":false,
+ "show_other_binary":false,
+ "show_other_text":true,
+ "show_script":true,
+ "show_xml":true
+ },
+ "by_request_type":{
+ "hide_not_found_items":true,
+ "show_only_in_scope_items":false,
+ "show_only_parameterized_requests":false,
+ "show_only_requested_items":false
+ },
+ "by_search":{
+ "case_sensitive":false,
+ "negative_search":false,
+ "regex":false,
+ "term":""
+ },
+ "by_status_code":{
+ "show_2xx":true,
+ "show_3xx":true,
+ "show_4xx":false,
+ "show_5xx":true
+ }
+ },
+ "scope":{
+ "advanced_mode":true,
+ "exclude":[],
+ "include":[
+ {
+ "enabled":true,
+ "file":"^/LoggerPlusPlus.*",
+ "host":"^project-extension-preference-store-do-not-delete$",
+ "port":"^65535$",
+ "protocol":"https"
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
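Review bot: The only entry in `target.scope.include` at the end of the file is what appears to be an extension preference-store placeholder (`^project-extension-preference-store-do-not-delete$`), while `drop_all_out_of_scope`, `capture_only_in_scope_items` and `disable_out_of_scope_logging_to_history_and_site_map` are all `false`, so a project started from this file proxies and records traffic for every host the browser contacts. If this is meant as a reusable baseline, consider `"disable_out_of_scope_logging_to_history_and_site_map":true` under `proxy.miscellaneous` so that third-party traffic is not stored in the project file, and state in an accompanying README (JSON has no comment syntax) that the engagement's authorised hosts must be added to scope before testing starts. Separately, the 9090 listener lists `TLSv1` and `TLSv1.1` in `custom_tls_protocols` while `use_custom_tls_protocols` is `false`, which looks like leftover state that would silently take effect if the flag were flipped; either empty the list or keep only `TLSv1.2` and `TLSv1.3`. The file also ends without a trailing newline.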