jsluice++: Burp Suite extension designed for passive and active scanning of JavaScript traffic
jsluice++
jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice.
The extension utilizes jsluice’s capabilities to extract URLs, paths, and secrets from static JavaScript files and integrates it with Burp Suite, allowing you to easily scan javascript traffic from Burp Suite’s Sitemap or Proxy while also offering a user-friendly interface for data inspection and a variety of additional useful features.
Features
- Monitor URLs
- Send to Repeater
- Secrets
- Secret Notifications
- Copy URL
- Positive/Negative Match
- In-scope only
- In-line Tags
- Hide Duplicates
- Show Parameterized
- Import/Export
- Save Settings
Usage
Active scan
The extension adds an item to Burp Suite‘s context menu which allows you to easily process responses from Burp Suite’s Sitemap tab
to do so simply right-click any host in the sitemap tree or any item in the sitemap table and select Extensions->jsluice++->Process selected item(s) in Burp Suite’s context menu. When processing items from the site map tree the extension will get the site map of every selected item (Multiple hosts can be processed)
Passive scan
Default: Off
When Passive scan is toggled on the extension will register an http handler and process responses from traffic flowing through Burp Suite’s Proxy (it’s recommended to use the in-scope only feature when enabling passive scan to reduce noise)
The extension will process any URL with a .js file extension or a JavaScript mime type and a success status code (2xx) using jsluice’s urls mode.
The processed JavaScript file is temporarily saved locally in the “.jsluicepp” directory and gets removed after jsluice has finished processing it,
If jsluice returns any data, the host associated with the URL will be added to the Hosts list, to view the results from jsluice simply select the host and the desired file (multiple files can be selected).
Note: the same URL (GET parameters excluded) will not be processed more than once until the extension is reloaded, this doesn’t apply to monitored urls.
Install
Copyright (c) 2024 0x999
