Skip to content

turingsecure/burp.js

Repository files navigation

burp.js by turingsecure.

Version License: MIT

burp.js is a client side parser for Burp XML output files.

Installation

Install the @turingsecure/burp.js package:

# use yarn or npm
yarn add @turingsecure/burp.js

Import the library to use it in your code:

import { BurpParser } from "@turingsecure/burp.js";

Usage

To parse an XML file, you just have to execute the imported function.

const xml = "burpscan xml";
const parsed = BurpParser(xml);

Note: If the requests and responses are base64 encoded, they will be automatically decoded

API

The BurpParser function returns an array of issues.

If you do not want decoded requests and responses, you can pass a flag:

const xml = "burpscan xml";
const parsed = BurpParser(xml, false);

An issue object has the following properties:

Property Type
serialNumber string
type string
host string
path string
location string
severity string
confidence string
issueBackground string
remediationBackground string
vulnerabilityClassifications string
issueDetail string
references string
requestresponse RequestResponse[ ]

requestresponse is an array of RequestResponse objects with the following properties:

Property Type
request string
response string
responseRedirected string

Contributing

Contributions, issues and feature requests are welcome. Feel free to check out the issues page if you want to contribute.

License

Copyright © 2021 turingsecure. This project is MIT licensed.