├── .github
│   └── FUNDING.yml
├── .gitignore
├── cn-Reshaper.txt
├── README.md
├── cn-Logger++.txt
├── cn-PentagridScanController.txt
└── LICENSE

--------------------------------------------------------------------------------
/.github/FUNDING.yml:
--------------------------------------------------------------------------------
custom: https://afdian.com/a/leon406

--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
# Compiled class file
*.class

# Log file
*.log

# BlueJ files
*.ctxt

# Mobile Tools for Java (J2ME)
.mtj.tmp/

# Package Files #
*.jar
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar

# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*

--------------------------------------------------------------------------------
/cn-Reshaper.txt:
--------------------------------------------------------------------------------
(?i)HTTP Rules?	HTTP规则
(?i)WebSocket Rules	WebSocket规则
(?i)Global Variables?	全局变量
(?i)Logs?	日志
(?i)Rule Name(\W+)	规则名称
(?i)Whens	何时
(?i)Event Direction	事件方向
(?i)Event Direction: (\w+)	事件方向:$1
(?i)From Tool	工具来源
(?i)Has Entity	包含实体
(?i)In Scope	在范围内
(?i)Matches Text	匹配文本
(?i)Proxy Name	代理名称
(?i)Request Content Type	请求内容类型
(?i)Response MIME Type	响应MIME类型
(?i)Message Type	消息类型
(?i)Move Up	上移
(?i)Move Down	下移
(?i)When Event Direction	事件方向为
(?i)Use OR Condition	使用OR匹配
(?i)Negate Result	取反
(?i)Validated	已验证
(?i)Validate	验证
(?i)Thens	然后
(?i)Break	中断
(?i)Build HTTP Message	构建HTTP消息
(?i)Delay	延迟
(?i)Delete Value	删除值
(?i)Delete Variable	删除变量
(?i)Evaluate	评估
(?i)Parse HTTP Message	解析HTTP消息
(?i)Prompt	提示
(?i)Run Script	运行脚本
(?i)Save File	保存文件
(?i)Send Message	发送消息
(?i)Send Request	发送请求
(?i)Send To	发送至
(?i)Source Value Type	来源类型
(?i)Source Value Path	来源路径
(?i)Match Type	匹配类型
(?i)Ignore Case	忽略大小写
(?i)Set Encoding	设置编码
(?i)Set Value	设置值
(?i)Set Variable	设置变量
(?i)Run Process?	运行进程
(?i)Run Rules?	运行规则
(?i)Auto Run	自动运行
(?i)Enable Event Diagnostics?	启用事件诊断
(?i)Diagnostic Value Max Length	诊断值最大长度
(?i)Enable Sanity Check Warnings?	启用合理性检查警告
(?i)Replicate Logs in Extender Output	在扩展栏中输出日志
(?i)Logs Tab Character Limit	日志选项卡字符限制
(?i)Default Encoding	默认编码
(?i)Reset Data	重置数据
(?i)Items to Export	要导出的项目
(?i)Refresh Lists	刷新列表
(?i)Export Data	导出数据
(?i)Overwrite Duplicates?	覆盖重复项
(?i)Capture Traffic From:?	流量来源:
(?i)When From Tool	当来源从
(?i)When Matches Text	当匹配文本时
(?i)Source Message Value	源消息值
(?i)HTTP Source Address	HTTP源地址
(?i)HTTP Destination Address	HTTP目的地址
(?i)HTTP Destination Port	HTTP目的端口
(?i)URL Protocol	URL协议
(?i)Request Message	请求消息
(?i)Request Status Line	请求状态行
(?i)Request Method	请求方法
(?i)Request URL	请求URL
(?i)Request URI Path	请求URL路径
(?i)Request URL Query Parameters?	请求URL参数
(?i)Set Event Direction	设置事件方向
(?i)Destination Message Value	目的消息值
(?i)Source Text	源文本

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------

BurpSuite Chinese localization release. If it is useful to you, please star the repo; that is the biggest motivation for me to keep updating it.

**4.11.22**

- Translations updated to the 2024.10.1 release
- Custom Java version and JVM options via environment variables
  - bp.java: Java home path
  - bp.java.options: extra JVM arguments

**3.7.17**
fix [#16](https://github.com/Leon406/BurpSuiteCN-Release/issues/16) macOS configuration not taking effect

**3.5.20 translations updated to the 2023.5.1 release**
Support for multiple external cn*.txt translation files; improved do-not-translate whitelist; compatible with extensions

**3.3.23 translations updated to the 2023.3.2 release**
Fixed translation errors and the Target filter display problem

**3.1.16 translations updated to the 2023.1 release**
A large change in this version: 368 new translations and 3 whitelist rules.

## How to use (pick one)

### One-click start (auto start must be ticked)

```
java -jar burpsuitloader-x.xx-all.jar
```

### Keygen page (tick loader, localization and one-click start as needed)

```
java -jar burpsuitloader-x.xx-all.jar -r
```

### Java agent configuration (recommended if one-click start gives you problems)

```
// loader + localization
%JAVA_HOME%/bin/java -javaagent:burpsuitloader-x.xx-all.jar=loader,han -jar burpsuite_pro_v20xx.jar

// localization only, loader disabled
%JAVA_HOME%/bin/java -javaagent:burpsuitloader-x.xx-all.jar=han -jar burpsuite_pro_v20xx.jar
```

### Version naming

[A]A.BB.CC[.DD]

- AA: year minus 2020 (2022 is 2)
- BB: month
- CC: day of the change
- DD: optional minor version number, starting from 1 when present

For example, 2.11.19 is the first release built on 2022-11-19.

### External files (create manually as needed)

- debug file or directory

  Enables debug logging and writes the translated text to the log directory

- white.txt: do-not-translate whitelist; regex supported; comment lines start with #

- cn.txt: translation entries; regex supported; overrides the built-in entries; the separator is a Tab; comment lines start with #
- cn*.txt: multiple files are supported, e.g. for extension translations; same format (regex supported, overrides built-in entries, Tab separator, comment lines start with #)

## Log files and feedback

A log file is generated in the root directory and untranslated text is written to it. If you want something translated, open an issue and attach the log file.
For any wrong or inaccurate translation, please open an issue.

The debug build also writes a log of the translated text.

## Known issues

The translation mechanism is based on [BurpSuiteCn 汉化](https://github.com/funkyoummp/BurpSuiteCn). Some pages cannot be translated: with my limited ability I have not found their text injection points. If you know of one, please open an issue.

Currently the contents of the tree menu in the settings of newer versions cannot be translated.

Injection points found by the original author:

- java/awt/Frame#setTitle

- java/awt/Dialog#setTitle

- javax/swing/JLabel#setText

- javax/swing/AbstractButton#setText

- javax/swing/text/JTextComponent#setText

- javax/swing/text/PlainDocument#insertString ==> javax/swing/text/AbstractDocument#insertString, see [Belle](https://github.com/ankokuty/Belle)

- javax/swing/JComponent#setToolTipText

- javax/swing/text/PlainDocument#setTitle

- javax/swing/JComboBox#addItem

- javax/swing/JOptionPane#addTab

- javax/swing/JOptionPane#insertTab

- javax/swing/JDialog#JDialog

--------------------------------------------------------------------------------
/cn-Logger++.txt:
--------------------------------------------------------------------------------
##### Logger++ extension translations added; some of them do not take effect #####
In progress	处理中
Postponed	推迟
Log From	日志来源
In scope items only	仅在范围内项目
All Tools	所有来源
Filter Library	过滤库
Grep Values	正则搜索
Unique Results	去重结果
Import proxy history on startup	启动时导入代理日志
Import Burp Proxy History	导入Burp代理日志
CSV Exporter	CSV导出
Export as CSV	导出到CSV
Auto-export as CSV	自动导出到CSV
Unsaved	未保存的
Field	字段
Select fields to be exported:	选择要导出的字段:
Select All	选择所有
Select None	取消所有

(?i)Tags?	标签
Add Tag	添加标签
Set as LogFilter	应用到过滤器
Use as Color LogFilter	设置日志过滤颜色
Ignored	忽略
Snippet	语法
Add Snippet	添加语法
Remove Selected	删除选中
In Scope Only	仅在范围内
Search Responses	搜索响应
Search Requests	搜索请求
Saved Filter Sharing	保存与分享过滤规则
Color Filter Sharing	保存与分享颜色规则
Other	其他
Response Timeout (Seconds):	响应超时(秒):
Maximum Log Entries:	最大日志条数:
Search Threads:	搜索线程数:
Maximum Response Size (MB):	最大响应大小(MB):
(?i)Reset	重置
(?i)Reset All Settings?	重置所有设置
(?i)Clear The Logs?	清空日志
Note 0: Right click on columns' headers to change settings.	提示0:右键单击列的标题以更改设置
Note 1: Extensive logging may affect Burp Suite performance.	提示1:广泛的日志记录可能会影响Burp Suite的性能,建议只匹配范围内项目
Note 2: Automatic logging does not saveFilters requests and responses. Only table contents.	提示2:自动日志记录不保存过滤器请求和响应,只有表单内容
Note 3: Full request/response logging available in 'Project Options > Misc > Logging'	提示3:"项目选项 > Misc > 日志" 中提供完整的请求/响应日志记录
Note 4: Updating the extension will reset the log table settings.	提示4:更新扩展将重置日志设置
Advanced multithreaded logging tool	高级多线程日志记录工具
Logger++ was developed as an alternative to the log history included within Burp Suite. Advantages over the original implementation are a more comprehensive number of fields, the ability to show only specific entries to better monitor activity via the use of adaptable filters from various fields and row coloring to highlight interesting entries which match a specific filter.	LOGER++是作为Burp Suite中包含的日志历史的替代而开发的。与原始实现相比,它具有更全面的字段数量,能够只显示特定的条目,通过使用来自不同字段的适应性flters来更好地监视活动,并通过行着色突出显示与特定筛选器匹配的有趣条目。
Filters were developed with the intention of being highly customisable and therefore may be as simple or complex as you require. Once a filter has been entered, the color of the input field will change to reflect the validity of the filter.	开发过滤器的目的是高度可定制,因此可以根据您的需求简单或复杂化。设置过滤规则后,匹配字段的颜色将更改以反应规则的有效性。
With the new parser, fields have been separated into groups. A list of fields and their group can be found to the right. E.g. Request.Method	使用新的解析器,字段已分组。可以在右侧找到字段以及所属组的列表,例如:Request.Method
Filter Fields	筛选字段
(?i)Creating Filters	创建过滤器
(?i)Basic operations	基本运算符
== - Equal, valid on all fields.	== 相等,可对所有字段使用
!= - Not Equal, valid on all fields.	!= 不相等,可对所有字段使用
< - Less Than, only valid on numeric fields (Integer, Short, Date, ...)	< 小于,仅对数值字段(整数、短整型、日期等)有效
> - Greater Than, only valid on numeric fields (Integer, Short, Date, ...)	> 大于,仅对数值字段(整数、短整型、日期等)有效
<= - Less Than Or Equal, only valid on numeric fields (Integer, Short, Date, ...)	<= 小于或等于,仅对数值字段(整数、短整型、日期等)有效
>= - Greater Than Or Equal, only valid on numeric fields (Integer, Short, Date, ...)	>= 大于或等于,仅对数值字段(整数、短整型、日期等)有效
Special operations	特殊操作
CONTAINS - True if value is found anywhere in the string	CONTAINS - 如果值在所有数据中匹配,则为 True
IN - True if value is found within the provided array	IN - 如果值在提供的数组中匹配,则为 True
True if value matches the provided regular expression	如果值在提供的正则表达式匹配,则为 True
(?i)Notes?	提示
MATCHES - True if value matches the provided regular expression	MATCHES - 匹配操作要求整个字符串与表达式匹配
See Regular Expressions for more info on regular expressions.	有关正则表达式的详细信息,请参阅正则表达式
Compound Operations	组合操作
Multiple filters can be combined into compound filters using the following operators.	可以使用以下运算符将多个过滤规则组合到复合筛选器中
Note: Compound operations cannot be mixed without explicitly specifying order of precedence using parenthesis	提示:如果不使用括号显式指定优先级顺序,则不能混合复合操作
Tips and Tricks	提示与技巧
Filters can be generated by right clicking a log entry field, or right clicking within a request / response viewer with selected text.	可以通过右键单击日志条目字段或在具有选定文本的请求/响应查看器中右键单击来生成过滤器
Right-clicking in the main filter text box will show a dropdown list of the available fields to be used.	右键单击筛选器文本框将显示要使用的可用字段的下拉列表。
A number of fields are available to use from the requests within your filters. These are listed below.	筛选器中的Request和Respon中有许多字段可供使用,详见下方:
(?i)Description	描述
Description: The entire request encoded in Base64	详情:将整个请求编码为Base64
Description: The request line and associated headers.	详情:请求头Header相关的字段
Description: The length of the received request.	详情:响应长度
Description: The tool used to initiate the request.	详情:请求模块来源:如scanner、extensions等
Description: Has a response been received?	详情:是否收到响应?
Description: Compares the cookies with the cookie jar to see if any of them are in use.	详情:将 cookie 与 cookie jar 进行比较,以查看其中是否有任何Cookie正在使用中
(?i)Aliases?.	别名

--------------------------------------------------------------------------------
/cn-PentagridScanController.txt:
--------------------------------------------------------------------------------
(?i)About(\W+)README	关于$1阅读
(?i)Duplicates?	重复
(?i)Interesting	有趣的
(?i)Repeatability reasoning or why it was not scanned	可重复性推理或未扫描原因
(?i)scanned	已扫描
(?i)(\W+)repeatability requests	$1可重复性请求
A new version of the 5# Scan Controller extension was installed, the settingsare not compatible, so all settings have been reset (check the Scan tab).	安装了5# Scan Controller 的新版本,设置不兼容,因此所有设置都已重置(请检查扫描选项卡)
(?i)Modified Request	修改后的请求
(?i)Modified Response	修改后的响应
(?i)Original Request	原请求
(?i)Original Response	原响应
(?i)(\W?\w+) not found	找不到$1
Only change settings marked with (!) if you really know what you do	确保你知道自己在做什么,否则请不要更改带!的设置
Requests to process (others won't show in UI)	要处理的请求(其他请求不会显示)
(?i)proxy requests?	代理请求
(?i)repeater requests?	重发器请求
Delay scans in seconds (0 to disable)	以秒为单位延迟扫描(0 表示禁用)
(?i)burp active scan	Burp主动扫描
(?i)Hard exclusions?	硬排除
Only scan repeatable requests (!)	只扫描可重复的请求(!)
Never scan uninteresting HTTP status codes	不扫描无趣的HTTP状态码
Never scan uninteresting HTTP methods	不扫描无趣的HTTP方法
Never scan GET requests to uninteresting URL file extensions	不扫描以GET请求的无趣文件扩展:js、css等
Never scan requests to uninteresting URL file extensions	不扫描无趣的URL文件扩展请求
Never scan duplicates (URL, status code, parameters, see Duplicates counter)	不扫描重复的请求(URL、状态码、参数、查看重复计数器)
Never scan duplicates (URL, status code, see Duplicates counter)	不扫描重复的请求(URL、状态码、查看重复计数器)
Never scan request URLs matching this Regex	不扫描的URL请求,使用正则匹配
Never scan requests matching this Regex	不扫描匹配此正则表达式的请求
Only scan requests with a minimum interesting score of	仅扫描有趣得分达到最低分数的请求
(?i)Repeatability	重复性
Delay repeatability checks in seconds (0 to disable)	延迟可重复性检查(以秒为单位)(0以禁用)
(?i)Do heuristics?	启发式扫描
Maximum response length difference in %	最大响应长度差%
Heuristic words: repetition success (one per line)	启发式单词:重复成功(每行一个)
Heuristic words: repetition error (one per line)	启发式单词:重复错误(每行一个)
Heuristic words: repetition fatal error (one per line)	启发式单词:重复致命错误(每行一次)
Abort repeatability tests for current request if heuristic detects this many fatal errors	如果启发式检测到这么多致命错误,则中止当前请求的可重复性测试
Modifications for repeatability	可重复性修改
Maximum requests until giving up	最大的请求,直到放弃
Additional catch-all email domain used to detect if email is in a parameter (apart from Collaborator domain)	额外的通用电子邮件域,用于检测电子邮件是否在参数中(除了Collaborator域外)
Change UUIDs in parameter values	更改参数中的 UUID值
Change Emails in parameter values	更改参数中的电子邮件值
Change Numerics [0-9]+ in parameter values	更改参数中数字的值,为[0-9]+
Change Double [0-9]+\.[0-9]+ in parameter values	更改参数中数字的双数值,为[0-9]+\.[0-9]+
Change unix epoch timestamps (now +/- 3 months, in seconds or milliseconds) in parameter values	更改参数中unix时间戳,为(现在+/- 3个月范围,以秒或毫秒为单位)
Change Alphabetic [a-zA-Z] in parameter values	更改参数中的字母值,为([a-zA-Z])
Change Birthdate YYYY-MM-DD in parameter values	更改参数中的日期,为(yyyy-mm-dd)
Change booleans (true, false, 0, 1, True, etc.) in parameter values	更改参数值的布尔值(true、false、0、1、True等)
Change according to charset (e.g. 'foo_bar' might change to 'bffar_a') in parameter values	根据字符编码进行更改参数值更改,(例如,'foo_bar'可能变为'bffar_a')
Inject into URL query strings (Burp's PARAM_URL)	URL参数注入(Burp的PARAM_URL)
Inject into body (Burp's PARAM_BODY)	Body注入(Burp的PARAM_body)
Inject into cookies (Burp's PARAM_COOKIE)	Cookie注入(Burp的PARAM_Cookie)
Inject into non-standard HTTP headers (this extension's PARAM_NON_STANDARD_HEADER)	HTTP头注入(此扩展的PARAM_non-Standard_Header)
Inject into XML text nodes (this extension's PARAM_XML_CONTENT)	XML节点注入(此扩展的PARAM_XML_Content)
Inject into XML attributes (this extension's PARAM_XML_ATTR)	XML属性注入(此扩展的PARAM_XML_ATTR)
Inject into multipart filename (this extension's PARAM_MULTIPART_FILENAME)	文件名扩展注入(此扩展的PARAM_MULTIPART_FILENAME)
Inject into multipart content (this extension's PARAM_MULTIPART_CONTENT)	文件内容注入(此扩展的PARAM_MultiPart_Content)
Inject into JSON values (this extension's PARAM_JSON)	JSON值注入(此扩展的PARAM_JSON)
Other settings	其他设置
Turn debug on (see extender output)	打开调试(参见扩展程序输出)
Use this many Threads to check repeatability/scan (requires extension reload) (!)	要用多少线程来检查可重复性/扫描(需要扩展重新加载) (!)
(?i)Unhide all log entries?	取消隐藏所有日志记录
(?i)Delete all log entries?	删除所有日志记录
Detailed settings (un)interesting things	详细设置有趣/无趣的东西
Interesting URL file extensions (one per line)	有趣的URL文件扩展名(每行一个)
Uninteresting URL file extensions (one per line)	无趣的URL文件扩展名(每行一个)
Interesting status codes (one per line)	有趣的状态码(每一行一个)
Uninteresting status codes (one per line)	无趣的状态码(每行一个)
Interesting HTTP methods (one per line)	有趣的HTTP方法(每行一条)
Uninteresting HTTP methods (one per line)	无趣的HTTP方法(每行一个)
(?i)Interesting score settings?	扫描分数设置
Points for multipart/form-data requests	multipart/form-data请求的分数
Points for interesting HTTP request method	有趣的HTTP方法分数
Points for interesting URL file extension	有趣的URL文件扩展分数
Points for interesting HTTP response status code	有趣的HTTP状态码分数
Points per parameter	每个参数的分数
Experimental features for repeatability definition settings	重复性定义设置(实验性功能)
Ignore HTTP Status Codes (!)	忽略HTTP状态码(!)
Fixed response content indicating 200 OK (!)	修复响应内容包含200的状态(!)
Improve Automated and Semi-Automated Active Scanning	改进自动和半自动的主动扫描
Active Scanning might often do things that don't make any sense, such as scanning GET requests to .js files or scanning non-repeatable request. This extension allows to filter and preprocess according to your needs. It tries to check if a request is repeatable or not. If a request is not repeatable, it tries to make them repeatable by injecting Hackvertor tags. The extension doesn't try to be perfect, but useful. It cuts corners and in some cases simply doesn't scan certain requests. However, the extension individually displays and explains all decisions, allowing you to change the settings if you don't like the behavior.	主动扫描可能经常做一些没有意义的事情,例如扫描对.js文件的GET请求或扫描不可重复的请求。这个扩展允许根据你的需要进行过滤和预处理。它试图检查一个请求是否是可重复的。如果一个请求是不可重复的,它试图通过注入Hackvertor标签来使其可重复。该扩展并不试图做到完美,但很有用。它走弯路,在某些情况下干脆不扫描某些请求。然而,该扩展单独显示和解释所有的决定,如果你不喜欢这种行为,允许你改变设置。
(?i)Features?	未来
Everything configurable (interesting/uninteresting, blacklisting requests, etc.)	一切都是可配置的(有趣/无趣,请求黑名单,等等)
Howto use this extension	如何使用该扩展
Usage is very simple:	使用方法非常简单:
Add the website you test to the scope	将你测试的网站添加到范围中
Enable "Proxy requests" in the tab/section "Scan - Options - Requests to process"	在 "扫描-选项-要处理的请求 "标签/部分中启用 "代理请求"
Browse the web application (proxy) by using the Burp builtin browser.	使用Burp内置的浏览器(代理)
Check back on the Scan tab and see which request have been active scanned. Check those that have a high	在 "扫描 "选项卡上查看哪些请求已经被主动扫描了
"Interesting" rating but haven't been scanned ("Scanned" column set to false)	检查“有趣”列,有很高评分但还没有被扫描的请求("已扫描 "列设置为假)
See the Dashboard for Active Scan findings	查看主动扫描结果的仪表板
It's always good to sort by the reason column in the UI and check the different reasons.	查看UI中的推理列,排序并检查不同的原因,可能会由意外收获

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
                                 Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/

   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

   1. Definitions.

      "License" shall mean the terms and conditions for use, reproduction,
      and distribution as defined by Sections 1 through 9 of this document.

      "Licensor" shall mean the copyright owner or entity authorized by
      the copyright owner that is granting the License.

      "Legal Entity" shall mean the union of the acting entity and all
      other entities that control, are controlled by, or are under common
      control with that entity. For the purposes of this definition,
      "control" means (i) the power, direct or indirect, to cause the
      direction or management of such entity, whether by contract or
      otherwise, or (ii) ownership of fifty percent (50%) or more of the
      outstanding shares, or (iii) beneficial ownership of such entity.

      "You" (or "Your") shall mean an individual or Legal Entity
      exercising permissions granted by this License.

      "Source" form shall mean the preferred form for making modifications,
      including but not limited to software source code, documentation
      source, and configuration files.

      "Object" form shall mean any form resulting from mechanical
      transformation or translation of a Source form, including but
      not limited to compiled object code, generated documentation,
      and conversions to other media types.

      "Work" shall mean the work of authorship, whether in Source or
      Object form, made available under the License, as indicated by a
      copyright notice that is included in or attached to the work
      (an example is provided in the Appendix below).

      "Derivative Works" shall mean any work, whether in Source or Object
      form, that is based on (or derived from) the Work and for which the
      editorial revisions, annotations, elaborations, or other modifications
      represent, as a whole, an original work of authorship. For the purposes
      of this License, Derivative Works shall not include works that remain
      separable from, or merely link (or bind by name) to the interfaces of,
      the Work and Derivative Works thereof.

      "Contribution" shall mean any work of authorship, including
      the original version of the Work and any modifications or additions
      to that Work or Derivative Works thereof, that is intentionally
      submitted to Licensor for inclusion in the Work by the copyright owner
      or by an individual or Legal Entity authorized to submit on behalf of
      the copyright owner. For the purposes of this definition, "submitted"
      means any form of electronic, verbal, or written communication sent
      to the Licensor or its representatives, including but not limited to
      communication on electronic mailing lists, source code control systems,
      and issue tracking systems that are managed by, or on behalf of, the
      Licensor for the purpose of discussing and improving the Work, but
      excluding communication that is conspicuously marked or otherwise
      designated in writing by the copyright owner as "Not a Contribution."

      "Contributor" shall mean Licensor and any individual or Legal Entity
      on behalf of whom a Contribution has been received by Licensor and
      subsequently incorporated within the Work.

   2. Grant of Copyright License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      copyright license to reproduce, prepare Derivative Works of,
      publicly display, publicly perform, sublicense, and distribute the
      Work and such Derivative Works in Source or Object form.

   3. Grant of Patent License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      (except as stated in this section) patent license to make, have made,
      use, offer to sell, sell, import, and otherwise transfer the Work,
      where such license applies only to those patent claims licensable
      by such Contributor that are necessarily infringed by their
      Contribution(s) alone or by combination of their Contribution(s)
      with the Work to which such Contribution(s) was submitted. If You
      institute patent litigation against any entity (including a
      cross-claim or counterclaim in a lawsuit) alleging that the Work
      or a Contribution incorporated within the Work constitutes direct
      or contributory patent infringement, then any patent licenses
      granted to You under this License for that Work shall terminate
      as of the date such litigation is filed.

   4. Redistribution. You may reproduce and distribute copies of the
      Work or Derivative Works thereof in any medium, with or without
      modifications, and in Source or Object form, provided that You
      meet the following conditions:

      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and

      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and

      (c) You must retain, in the Source form of any Derivative Works
          that You distribute, all copyright, patent, trademark, and
          attribution notices from the Source form of the Work,
          excluding those notices that do not pertain to any part of
          the Derivative Works; and

      (d) If the Work includes a "NOTICE" text file as part of its
          distribution, then any Derivative Works that You distribute must
          include a readable copy of the attribution notices contained
          within such NOTICE file, excluding those notices that do not
          pertain to any part of the Derivative Works, in at least one
          of the following places: within a NOTICE text file distributed
          as part of the Derivative Works; within the Source form or
          documentation, if provided along with the Derivative Works; or,
          within a display generated by the Derivative Works, if and
          wherever such third-party notices normally appear. The contents
          of the NOTICE file are for informational purposes only and
          do not modify the License. You may add Your own attribution
          notices within Derivative Works that You distribute, alongside
          or as an addendum to the NOTICE text from the Work, provided
          that such additional attribution notices cannot be construed
          as modifying the License.

      You may add Your own copyright statement to Your modifications and
      may provide additional or different license terms and conditions
      for use, reproduction, or distribution of Your modifications, or
      for any such Derivative Works as a whole, provided Your use,
      reproduction, and distribution of the Work otherwise complies with
      the conditions stated in this License.

   5. Submission of Contributions. Unless You explicitly state otherwise,
      any Contribution intentionally submitted for inclusion in the Work
      by You to the Licensor shall be under the terms and conditions of
      this License, without any additional terms or conditions.
      Notwithstanding the above, nothing herein shall supersede or modify
      the terms of any separate license agreement you may have executed
      with Licensor regarding such Contributions.

   6. Trademarks. This License does not grant permission to use the trade
      names, trademarks, service marks, or product names of the Licensor,
      except as required for reasonable and customary use in describing the
      origin of the Work and reproducing the content of the NOTICE file.

   7. Disclaimer of Warranty. Unless required by applicable law or
      agreed to in writing, Licensor provides the Work (and each
      Contributor provides its Contributions) on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
      implied, including, without limitation, any warranties or conditions
      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
      PARTICULAR PURPOSE. You are solely responsible for determining the
      appropriateness of using or redistributing the Work and assume any
      risks associated with Your exercise of permissions under this License.

   8. Limitation of Liability. In no event and under no legal theory,
      whether in tort (including negligence), contract, or otherwise,
      unless required by applicable law (such as deliberate and grossly
      negligent acts) or agreed to in writing, shall any Contributor be
      liable to You for damages, including any direct, indirect, special,
      incidental, or consequential damages of any character arising as a
      result of this License or out of the use or inability to use the
      Work (including but not limited to damages for loss of goodwill,
      work stoppage, computer failure or malfunction, or any and all
      other commercial damages or losses), even if such Contributor
      has been advised of the possibility of such damages.

   9. Accepting Warranty or Additional Liability. While redistributing
      the Work or Derivative Works thereof, You may choose to offer,
      and charge a fee for, acceptance of support, warranty, indemnity,
      or other liability obligations and/or rights consistent with this
      License. However, in accepting such obligations, You may act only
      on Your own behalf and on Your sole responsibility, not on behalf
      of any other Contributor, and only if You agree to indemnify,
      defend, and hold each Contributor harmless for any liability
      incurred by, or claims asserted against, such Contributor by reason
      of your accepting any such warranty or additional liability.

   END OF TERMS AND CONDITIONS

   APPENDIX: How to apply the Apache License to your work.

      To apply the Apache License to your work, attach the following
      boilerplate notice, with the fields enclosed by brackets "[]"
      replaced with your own identifying information. (Don't include
      the brackets!)  The text should be enclosed in the appropriate
      comment syntax for the file format. We also recommend that a
      file or class name and description of purpose be included on the
      same "printed page" as the copyright notice for easier
      identification within third-party archives.

   Copyright [yyyy] [name of copyright owner]

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.

--------------------------------------------------------------------------------
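The cn*.txt and white.txt file format described in the README above (Tab-separated regex and translation, `#` comment lines, `$1` backreferences, later files overriding earlier entries, untranslated text collected for the log), as an added example that is not the project's own code. The matching semantics (whole-label match, first entry wins, whitelist checked first) and the sample tables are assumptions made for this example.

```python
# Added example, not code from the BurpSuiteCN-Release project: a loader for the
# cn*.txt / white.txt format the README describes. Matching semantics (whole-label
# match, first entry wins, whitelist checked first) are assumptions for this example.
import re
from typing import Iterable, Optional, Tuple

# Constructed sample tables in the documented format: <Java regex><TAB><translation>,
# '#' comment lines, Java-style $1 backreferences. Real entries live in the cn-*.txt files.
SAMPLE_CN = (
    "# constructed sample, same format as cn-Reshaper.txt\n"
    "(?i)HTTP Rules?\tHTTP规则\n"
    "(?i)Event Direction: (\\w+)\t事件方向:$1\n"
    "(?i)(\\W?\\w+) not found\t找不到$1\n"
)
# A second file (e.g. cn-MyPlugin.txt): a repeated regex overrides the earlier entry.
SAMPLE_CN_PLUGIN = "(?i)HTTP Rules?\tHTTP规则(插件)\n"
SAMPLE_WHITE = (
    "# do-not-translate whitelist, one regex per line\n"
    "^https?://\n"
    "^\\d+$\n"
)

_JAVA_BACKREF = re.compile(r"\$(\d+)")  # Java replacement syntax: $1, $2, ...


def _data_lines(text: str) -> Iterable[Tuple[int, str]]:
    """Yield (line number, line), skipping blank lines and '#' comment lines."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        if raw.strip() and not raw.lstrip().startswith("#"):
            yield lineno, raw


def parse_table(text: str, into: Optional[dict] = None) -> dict:
    """Parse one cn*.txt table into {regex: python_replacement}.

    Only Java's $N backreferences are converted (to Python's \\g<N>) so that
    Match.expand() can apply them. Parsing into an existing dict lets a later
    file override an earlier entry that uses the same regex, which is how the
    README describes cn.txt overriding the built-in entries.
    """
    entries = {} if into is None else into
    for lineno, line in _data_lines(text):
        if "\t" not in line:
            raise ValueError(f"line {lineno}: expected <regex><TAB><translation>")
        pattern, translation = line.split("\t", 1)
        re.compile(pattern)  # fail early on a regex Python cannot compile
        entries[pattern] = _JAVA_BACKREF.sub(r"\\g<\1>", translation)
    return entries


class Translator:
    """Translate UI labels with the merged tables. Labels nothing matched are
    collected so they can be written to the log file the README describes."""

    def __init__(self, tables: Iterable[str], whitelist: str = "") -> None:
        merged: dict = {}
        for table in tables:  # later files override earlier ones
            parse_table(table, merged)
        self.entries = [(re.compile(p), r) for p, r in merged.items()]
        self.whitelist = [re.compile(line) for _, line in _data_lines(whitelist)]
        self.untranslated: list = []

    def translate(self, label: str) -> str:
        if any(w.search(label) for w in self.whitelist):
            return label  # whitelisted: never translated
        for pattern, replacement in self.entries:  # first whole-label match wins
            m = pattern.fullmatch(label)
            if m:
                return m.expand(replacement)
        self.untranslated.append(label)  # candidate for the untranslated log
        return label


def demo() -> dict:
    """Run the constructed tables over a few labels; returns {label: result}."""
    t = Translator([SAMPLE_CN, SAMPLE_CN_PLUGIN], SAMPLE_WHITE)
    labels = ["HTTP Rules", "Event Direction: Request", "Hackvertor not found",
              "https://example.com/", "Unknown Label"]
    return {label: t.translate(label) for label in labels}


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label!r} -> {result!r}")
```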