
The target template path is calculated based on the default nuclei template directory, configured under /.config/nuclei/.templates-config.json. Note: the BurpSuite binary, as opposed to the stand-alone BurpSuite jar, might not have access to the current user’s PATH variable.
Burp suite repeater send shortcut code
The code searches for the nuclei binary path, using the values from the process’s environment PATH variable. The plugin attempts to auto-detect and complete the configuration values. The template-id is recommended as the file name when saving. The template path is auto-updated if the template is saved to a new location.

Almost every action can be triggered using keyboard shortcuts:
Ctrl + W or Middle Mouse Button Click: close current tab.
Mouse Scroll Up/Down over the tabs: navigate to next or previous tab.
Ctrl + Shift + Tab or Ctrl + PageUp: open previous tab.
Ctrl + Tab or Ctrl + PageDown: open next tab.
Ctrl + Plus/Minus: increase/decrease font size.
Ctrl + Shift + E: jump to the template editor.

Syntax highlighting of YAML properties, based on reserved words. (Non-contextual) YAML property and value auto-complete, using reserved words from the nuclei JSON schema.

A history of unique, executed commands is stored; it can be quick searched and the commands re-executed within the current session. The plugin auto-generates the CLI command, using the absolute nuclei path, absolute template path and target information extracted from the desired request. Generated templates can be executed instantly, and the output is shown in the same window for convenience.

The selected text snippet from an HTTP request under the Proxy or Repeater tab can be used to generate a request template with the attack type defaulting to Battering ram. In the Intruder tab, selected payload positions can be used to generate request templates, using one of the following attack types: Battering ram, Pitchfork or Cluster bomb.
Every generated template auto-includes a Status matcher, using the HTTP status code of the response. The part field is auto-set based on whether the selection was in the request header or body. Binary matchers are created for selections containing non-ASCII characters. Multi-line selections are split to separate words for readability. Word and Binary matcher creation using selected response snippets from Proxy history or Repeater contexts. Nuclei-Burp-Plugin is a BurpSuite plugin intended to help with nuclei template generation.
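
The matcher rules described above (a status matcher in every template, the part field chosen from where the selection sits, binary matchers for non-ASCII selections, multi-line selections split into words), sketched as an added Python example; it is not the plugin's own code. The function names, the "and" word condition and the surrounding template skeleton are assumptions, and the selections are constructed samples.

```python
import json

def build_matchers(status_code, selection, in_header):
    """Build nuclei matcher dicts from a selected snippet (bytes)."""
    part = "header" if in_header else "body"
    # Every template gets a status matcher from the observed response code.
    matchers = [{"type": "status", "status": [status_code]}]
    if any(b > 0x7F for b in selection):
        # Non-ASCII selection: binary matcher, value hex-encoded.
        matchers.append({"type": "binary", "part": part,
                         "binary": [selection.hex()]})
    else:
        # ASCII selection: one word per non-empty line.
        words = [ln.strip() for ln in selection.decode("ascii").splitlines()
                 if ln.strip()]
        # "condition: and" is an assumption: all lines must be present.
        matchers.append({"type": "word", "part": part,
                         "condition": "and", "words": words})
    return matchers

def render_template(template_id, matchers):
    """Render a minimal template; the skeleton around matchers is assumed."""
    out = [f"id: {template_id}", "", "info:", f"  name: {template_id}",
           "  author: example", "  severity: info", "", "http:",
           "  - method: GET", "    path:", '      - "{{BaseURL}}"', "",
           "    matchers-condition: and", "    matchers:"]
    for matcher in matchers:
        prefix = "      - "
        for key, value in matcher.items():
            if isinstance(value, list):
                out.append(f"{prefix}{key}:")
                # JSON scalars are valid YAML, so json.dumps handles quoting.
                out.extend(f"          - {json.dumps(v)}" for v in value)
            else:
                out.append(f"{prefix}{key}: {value}")
            prefix = "        "
    return "\n".join(out) + "\n"

# Constructed sample selections (not taken from a real target).
HEADER_SEL = b"Server: ExampleServer\r\nX-Powered-By: ExampleApp"
BINARY_SEL = b"\x89PNG\r\n\x1a\n"

if __name__ == "__main__":
    print(render_template("example-header-match",
                          build_matchers(200, HEADER_SEL, True)))
    print(render_template("example-binary-match",
                          build_matchers(200, BINARY_SEL, False)))
```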