├── .gitignore ├── BappDescription.html ├── BappManifest.bmf ├── LICENSE ├── README.MD ├── build.gradle ├── build ├── libs │ └── postman-integration-2.0.jar └── tmp │ └── jar │ └── MANIFEST.MF ├── gradle └── wrapper │ ├── gradle-wrapper.jar │ └── gradle-wrapper.properties ├── gradlew ├── gradlew.bat ├── images └── screen_image.png ├── settings.gradle └── src └── main ├── java ├── assess │ ├── ExportProcessor.java │ ├── PostmanFrame.java │ ├── PostmanTableModel.java │ └── model │ │ ├── Body.java │ │ ├── BodyKeyValue.java │ │ ├── Collection.java │ │ ├── Folder.java │ │ ├── FolderItem.java │ │ ├── Item.java │ │ ├── Request.java │ │ ├── RequestItem.java │ │ └── RequestSource.java └── burp │ └── BurpExtender.java └── resources ├── TG-16-16.png └── TG-32-32.png /.gitignore: -------------------------------------------------------------------------------- 1 | *.class 2 | *.jar 3 | *.war 4 | *.ear 5 | .project 6 | .classpath 7 | .settings 8 | Thumbs.db 9 | .DS_Store 10 | .gradle 11 | !gradle-wrapper.jar 12 | !postman-integration-*.jar 13 | target 14 | out 15 | bin 16 | *.log 17 | *.swp 18 | *.bak 19 | build/resources/main 20 | build/ 21 | -------------------------------------------------------------------------------- /BappDescription.html: -------------------------------------------------------------------------------- 1 |

This extension integrates with the Postman tool by generating a Postman collection JSON file.

2 | 3 |

To use it, select the requests you want to export, and choose "Export as Postman Collection" from the context menu. 4 | This will open a dialog that allows you to configure the output and generate the file.

5 | -------------------------------------------------------------------------------- /BappManifest.bmf: -------------------------------------------------------------------------------- 1 | Uuid: 6ae9ede3630949748842a43518e840a7 2 | ExtensionType: 1 3 | Name: Postman Integration 4 | RepoName: postman-integration 5 | ScreenVersion: 2.0 6 | SerialVersion: 5 7 | MinPlatformVersion: 0 8 | ProOnly: False 9 | Author: Teruhiro Tagomori@NRI SecureTechnologies 10 | ShortDescription: Integrate with the Postman tool by generating a collection file. 11 | EntryPoint: build/libs/postman-integration-2.0.jar 12 | BuildCommand: ./gradlew jar 13 | SupportedProducts: Pro, Community 14 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2018 tagomaru 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. -------------------------------------------------------------------------------- /README.MD: -------------------------------------------------------------------------------- 1 |

2 | postman-integration 3 |

4 | 5 | # Postman Integration 6 | Postman Integration is an extension to generate a **Postman Collection format JSON file**. 7 | 8 | # Usage 9 | 10 | * It's very easy. You can open the Postman Integration window from the context menu item "Export as Postman Collection" on the history tab. Multiple selection is OK! Then set the following fields in the window. 11 | 12 | * **Encoding** - Character encoding used to decode request bodies and to write the exported file. 13 | 14 | * **Collection Name**: - Name to give the collection in Postman. 15 | 16 | * **Folder Name**: - Name to give the folder in Postman. You may use the "Set ALL" button to copy this folder name into the "Folder" field of all requests. 17 | 18 | * **Name**: - Name to give the request in Postman. 19 | 20 | * Once you press the **Export** button, the extension generates a Postman Collection format JSON file. **You can import it into Postman**. The exported file keeps the request bodies and all request headers except Content-Length, Connection and Accept-Encoding, so it can contain cookies, tokens and other credentials in clear text; treat it as sensitive. 21 | 22 | ## License 23 | MIT 24 | -------------------------------------------------------------------------------- /build.gradle: -------------------------------------------------------------------------------- 1 | apply plugin: 'java' 2 | 3 | sourceCompatibility = 17 4 | targetCompatibility = 17 5 | 6 | jar.baseName = 'postman-integration' 7 | version = '2.0' 8 | 9 | // In this section you declare where to find the dependencies of your project 10 | repositories { 11 | jcenter() 12 | } 13 | 14 | // In this section you declare the dependencies for your production and test code 15 | dependencies { 16 | implementation 'net.portswigger.burp.extender:burp-extender-api:1.7.22' 17 | implementation group: 'com.google.code.gson', name: 'gson', version: '2.7' 18 | } 19 | jar { 20 | from configurations.compileClasspath.collect { it.isDirectory() ? 
it : zipTree(it) } 21 | } 22 | 23 | // Encoding 24 | def defaultEncoding = 'UTF-8' 25 | compileJava { 26 | options.encoding = defaultEncoding // affect */java under src/main/java 27 | } 28 | 29 | compileTestJava { 30 | options.encoding = defaultEncoding // affect */java under src/test/java 31 | } 32 | -------------------------------------------------------------------------------- /build/libs/postman-integration-2.0.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PortSwigger/postman-integration/36a1a3f928a1a74f449800e793de84bf19a852af/build/libs/postman-integration-2.0.jar -------------------------------------------------------------------------------- /build/tmp/jar/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | 3 | -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PortSwigger/postman-integration/36a1a3f928a1a74f449800e793de84bf19a852af/gradle/wrapper/gradle-wrapper.jar -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionBase=GRADLE_USER_HOME 2 | distributionPath=wrapper/dists 3 | distributionUrl=https\://services.gradle.org/distributions/gradle-7.4.2-bin.zip 4 | zipStoreBase=GRADLE_USER_HOME 5 | zipStorePath=wrapper/dists 6 | -------------------------------------------------------------------------------- /gradlew: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | 3 | # 4 | # Copyright 2015 the original author or authors. 
5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); 7 | # you may not use this file except in compliance with the License. 8 | # You may obtain a copy of the License at 9 | # 10 | # https://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | 19 | ############################################################################## 20 | ## 21 | ## Gradle start up script for UN*X 22 | ## 23 | ############################################################################## 24 | 25 | # Attempt to set APP_HOME 26 | # Resolve links: $0 may be a link 27 | PRG="$0" 28 | # Need this for relative symlinks. 29 | while [ -h "$PRG" ] ; do 30 | ls=`ls -ld "$PRG"` 31 | link=`expr "$ls" : '.*-> \(.*\)$'` 32 | if expr "$link" : '/.*' > /dev/null; then 33 | PRG="$link" 34 | else 35 | PRG=`dirname "$PRG"`"/$link" 36 | fi 37 | done 38 | SAVED="`pwd`" 39 | cd "`dirname \"$PRG\"`/" >/dev/null 40 | APP_HOME="`pwd -P`" 41 | cd "$SAVED" >/dev/null 42 | 43 | APP_NAME="Gradle" 44 | APP_BASE_NAME=`basename "$0"` 45 | 46 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 47 | DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' 48 | 49 | # Use the maximum available, or set MAX_FD != -1 to use that value. 50 | MAX_FD="maximum" 51 | 52 | warn () { 53 | echo "$*" 54 | } 55 | 56 | die () { 57 | echo 58 | echo "$*" 59 | echo 60 | exit 1 61 | } 62 | 63 | # OS specific support (must be 'true' or 'false'). 
64 | cygwin=false 65 | msys=false 66 | darwin=false 67 | nonstop=false 68 | case "`uname`" in 69 | CYGWIN* ) 70 | cygwin=true 71 | ;; 72 | Darwin* ) 73 | darwin=true 74 | ;; 75 | MINGW* ) 76 | msys=true 77 | ;; 78 | NONSTOP* ) 79 | nonstop=true 80 | ;; 81 | esac 82 | 83 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar 84 | 85 | 86 | # Determine the Java command to use to start the JVM. 87 | if [ -n "$JAVA_HOME" ] ; then 88 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 89 | # IBM's JDK on AIX uses strange locations for the executables 90 | JAVACMD="$JAVA_HOME/jre/sh/java" 91 | else 92 | JAVACMD="$JAVA_HOME/bin/java" 93 | fi 94 | if [ ! -x "$JAVACMD" ] ; then 95 | die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME 96 | 97 | Please set the JAVA_HOME variable in your environment to match the 98 | location of your Java installation." 99 | fi 100 | else 101 | JAVACMD="java" 102 | which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 103 | 104 | Please set the JAVA_HOME variable in your environment to match the 105 | location of your Java installation." 106 | fi 107 | 108 | # Increase the maximum file descriptors if we can. 109 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then 110 | MAX_FD_LIMIT=`ulimit -H -n` 111 | if [ $? -eq 0 ] ; then 112 | if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then 113 | MAX_FD="$MAX_FD_LIMIT" 114 | fi 115 | ulimit -n $MAX_FD 116 | if [ $? 
-ne 0 ] ; then 117 | warn "Could not set maximum file descriptor limit: $MAX_FD" 118 | fi 119 | else 120 | warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" 121 | fi 122 | fi 123 | 124 | # For Darwin, add options to specify how the application appears in the dock 125 | if $darwin; then 126 | GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" 127 | fi 128 | 129 | # For Cygwin or MSYS, switch paths to Windows format before running java 130 | if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then 131 | APP_HOME=`cygpath --path --mixed "$APP_HOME"` 132 | CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` 133 | 134 | JAVACMD=`cygpath --unix "$JAVACMD"` 135 | 136 | # We build the pattern for arguments to be converted via cygpath 137 | ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` 138 | SEP="" 139 | for dir in $ROOTDIRSRAW ; do 140 | ROOTDIRS="$ROOTDIRS$SEP$dir" 141 | SEP="|" 142 | done 143 | OURCYGPATTERN="(^($ROOTDIRS))" 144 | # Add a user-defined pattern to the cygpath arguments 145 | if [ "$GRADLE_CYGPATTERN" != "" ] ; then 146 | OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" 147 | fi 148 | # Now convert the arguments - kludge to limit ourselves to /bin/sh 149 | i=0 150 | for arg in "$@" ; do 151 | CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` 152 | CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option 153 | 154 | if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition 155 | eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` 156 | else 157 | eval `echo args$i`="\"$arg\"" 158 | fi 159 | i=`expr $i + 1` 160 | done 161 | case $i in 162 | 0) set -- ;; 163 | 1) set -- "$args0" ;; 164 | 2) set -- "$args0" "$args1" ;; 165 | 3) set -- "$args0" "$args1" "$args2" ;; 166 | 4) set -- "$args0" "$args1" "$args2" "$args3" ;; 167 | 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; 168 | 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; 169 | 
7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; 170 | 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; 171 | 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; 172 | esac 173 | fi 174 | 175 | # Escape application args 176 | save () { 177 | for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done 178 | echo " " 179 | } 180 | APP_ARGS=`save "$@"` 181 | 182 | # Collect all arguments for the java command, following the shell quoting and substitution rules 183 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" 184 | 185 | exec "$JAVACMD" "$@" 186 | -------------------------------------------------------------------------------- /gradlew.bat: -------------------------------------------------------------------------------- 1 | @rem 2 | @rem Copyright 2015 the original author or authors. 3 | @rem 4 | @rem Licensed under the Apache License, Version 2.0 (the "License"); 5 | @rem you may not use this file except in compliance with the License. 6 | @rem You may obtain a copy of the License at 7 | @rem 8 | @rem https://www.apache.org/licenses/LICENSE-2.0 9 | @rem 10 | @rem Unless required by applicable law or agreed to in writing, software 11 | @rem distributed under the License is distributed on an "AS IS" BASIS, 12 | @rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | @rem See the License for the specific language governing permissions and 14 | @rem limitations under the License. 
15 | @rem 16 | 17 | @if "%DEBUG%" == "" @echo off 18 | @rem ########################################################################## 19 | @rem 20 | @rem Gradle startup script for Windows 21 | @rem 22 | @rem ########################################################################## 23 | 24 | @rem Set local scope for the variables with windows NT shell 25 | if "%OS%"=="Windows_NT" setlocal 26 | 27 | set DIRNAME=%~dp0 28 | if "%DIRNAME%" == "" set DIRNAME=. 29 | set APP_BASE_NAME=%~n0 30 | set APP_HOME=%DIRNAME% 31 | 32 | @rem Resolve any "." and ".." in APP_HOME to make it shorter. 33 | for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi 34 | 35 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 36 | set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" 37 | 38 | @rem Find java.exe 39 | if defined JAVA_HOME goto findJavaFromJavaHome 40 | 41 | set JAVA_EXE=java.exe 42 | %JAVA_EXE% -version >NUL 2>&1 43 | if "%ERRORLEVEL%" == "0" goto execute 44 | 45 | echo. 46 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 47 | echo. 48 | echo Please set the JAVA_HOME variable in your environment to match the 49 | echo location of your Java installation. 50 | 51 | goto fail 52 | 53 | :findJavaFromJavaHome 54 | set JAVA_HOME=%JAVA_HOME:"=% 55 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe 56 | 57 | if exist "%JAVA_EXE%" goto execute 58 | 59 | echo. 60 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 61 | echo. 62 | echo Please set the JAVA_HOME variable in your environment to match the 63 | echo location of your Java installation. 
64 | 65 | goto fail 66 | 67 | :execute 68 | @rem Setup the command line 69 | 70 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar 71 | 72 | 73 | @rem Execute Gradle 74 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* 75 | 76 | :end 77 | @rem End local scope for the variables with windows NT shell 78 | if "%ERRORLEVEL%"=="0" goto mainEnd 79 | 80 | :fail 81 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of 82 | rem the _cmd.exe /c_ return code! 83 | if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 84 | exit /b 1 85 | 86 | :mainEnd 87 | if "%OS%"=="Windows_NT" endlocal 88 | 89 | :omega 90 | -------------------------------------------------------------------------------- /images/screen_image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PortSwigger/postman-integration/36a1a3f928a1a74f449800e793de84bf19a852af/images/screen_image.png -------------------------------------------------------------------------------- /settings.gradle: -------------------------------------------------------------------------------- 1 | /* 2 | * This settings file was generated by the Gradle 'init' task. 3 | * 4 | * The settings file is used to specify which projects to include in your build. 5 | * In a single project build this file can be empty or even removed. 
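6 | * 7 | * Detailed information about configuring a multi-project build in Gradle can be found 8 | * in the user guide at https://docs.gradle.org/3.5/userguide/multi_project_builds.html 9 | */ 10 | 11 | /* 12 | // To declare projects as part of a multi-project build use the 'include' method 13 | include 'shared' 14 | include 'api' 15 | include 'services:webservice' 16 | */ 17 | 18 | rootProject.name = 'postman-integration' 19 | -------------------------------------------------------------------------------- /src/main/java/assess/ExportProcessor.java: --------------------------------------------------------------------------------
package assess;

import java.io.BufferedWriter;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.swing.ImageIcon;
import javax.swing.JFileChooser;
import javax.swing.JLabel;
import javax.swing.JOptionPane;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;

import assess.model.Body;
import assess.model.BodyKeyValue;
import assess.model.Collection;
import assess.model.Request;
import assess.model.RequestItem;
import assess.model.RequestSource;
import assess.model.FolderItem;
import burp.IBurpExtenderCallbacks;
import burp.IExtensionHelpers;
import burp.IHttpRequestResponse;
import burp.IHttpService;
import burp.IParameter;
import burp.IRequestInfo;

/**
 * Converts the selected Burp requests into a Postman collection and writes it as JSON to a
 * file chosen by the user.
 *
 * <p>Every request header except those listed in {@link #EXCLUDED_HEADERS} is copied into the
 * collection together with the request body. Cookies, Authorization headers and any other
 * credentials present in the captured traffic therefore end up in the exported file in clear
 * text, so the file has to be stored and shared as sensitive data.
 */
public class ExportProcessor {

    private List<RequestSource> reqLists = new ArrayList<>();
    private IExtensionHelpers helpers;
    private IBurpExtenderCallbacks callbacks;
    private String encoding;
    private String colName;
    /** Folders created while converting requests, keyed by folder name. */
    private Map<String, FolderItem> folderMap = new HashMap<>();

    /** Request headers that are never written to the collection. */
    public static final String[] EXCLUDED_HEADERS = { "Content-Length", "Connection", "Accept-Encoding" };

    private static JFileChooser filechooser = new JFileChooser();

    /**
     * @param list      requests to export, with the name and folder chosen for each
     * @param callbacks Burp callbacks, used for the helpers and the extension error stream
     * @param encoding  charset name used to decode request bodies and to write the file
     * @param colName   name of the generated collection
     */
    public ExportProcessor(List<RequestSource> list, IBurpExtenderCallbacks callbacks, String encoding, String colName) {
        super();
        this.reqLists = list;
        this.callbacks = callbacks;
        this.helpers = callbacks.getHelpers();
        this.encoding = encoding;
        this.colName = colName;
    }

    /**
     * Builds the collection, asks the user for a target file and writes the JSON to it.
     *
     * @throws Exception if a request has an unsupported content type or cannot be decoded
     */
    public void process() throws Exception {
        /* generate request */
        List<Request> reqModelList = new ArrayList<>();
        for (RequestSource reqRes : reqLists) {
            reqModelList.add(generateRequest(reqRes));
        }

        /* Generate collection */
        Collection col = new Collection(colName);

        // Requests without a folder go straight into the collection, the others into the
        // folder that generateRequest() registered in folderMap.
        for (Request req : reqModelList) {
            RequestItem reqItem = new RequestItem();
            reqItem.setName(req.getName());
            reqItem.setRequest(req);
            String folderName = req.getFolder();
            if (folderName == null || folderName.equals("")) {
                col.getItem().add(reqItem);
            } else {
                folderMap.get(folderName).addRequest(reqItem);
            }
        }

        /* Set folder to collection */
        for (Map.Entry<String, FolderItem> folderItem : folderMap.entrySet()) {
            col.getItem().add(folderItem.getValue());
        }

        /* generate file */
        filechooser.setDialogTitle("Save Postman Collection json file.");
        filechooser.setSelectedFile(new File(""));

        // Continue only on an explicit approval: a cancelled or failed dialog has no
        // usable selection.
        int selected = filechooser.showSaveDialog(null);
        if (selected != JFileChooser.APPROVE_OPTION) {
            return;
        }

        // Append the extension unless the name already ends with it; a ".json" somewhere
        // else in the path (for example in a directory name) does not count.
        String selectedPath = filechooser.getSelectedFile().getPath();
        File file = new File(selectedPath.endsWith(".json") ? selectedPath : selectedPath + ".json");

        // Confirm before replacing an existing file.
        if (file.exists()) {
            // The line break keeps the path and the question on separate lines of the dialog.
            String m = String.format("%s already exists.\nDo you want to replace it?", file.getAbsolutePath());
            int rv = JOptionPane.showConfirmDialog(filechooser, m, "Save As", JOptionPane.YES_NO_OPTION);
            if (rv != JOptionPane.YES_OPTION) {
                return;
            }
        }

        Gson gson = new GsonBuilder().serializeNulls().setPrettyPrinting().create();
        try (PrintWriter pw = new PrintWriter(new BufferedWriter(new OutputStreamWriter(new FileOutputStream(file), encoding)))) {
            pw.write(gson.toJson(col));
            // PrintWriter does not throw on write errors; checkError() flushes and reports them.
            if (pw.checkError()) {
                throw new IOException("Failed to write " + file.getAbsolutePath());
            }
        } catch (IOException e) {
            StringWriter sw = new StringWriter();
            PrintWriter pw = new PrintWriter(sw);
            e.printStackTrace(pw);
            pw.flush();
            new PrintWriter(callbacks.getStderr(), true).println(sw.toString());
            JLabel label = new JLabel("Failed to be generated. See Errors Tab on Extender Tab");
            JOptionPane.showMessageDialog(null, label, "Error", JOptionPane.ERROR_MESSAGE);
            // Do not fall through to the success dialog after a failed write.
            return;
        }

        java.net.URL iconUrl = getClass().getClassLoader().getResource("TG-32-32.png");
        // A missing icon resource must not turn a successful export into an exception.
        ImageIcon imageIcon = iconUrl == null ? null : new ImageIcon(iconUrl);
        JLabel label = new JLabel("Export was done.");
        JOptionPane.showMessageDialog(null, label, "Message", JOptionPane.PLAIN_MESSAGE, imageIcon);
    }

    /**
     * Converts one captured request into the Postman request model and registers its folder
     * in {@code folderMap} when a folder name is set.
     *
     * @throws Exception if the content type is none of JSON, XML, multipart, URL-encoded or
     *                   "no body", or if the body cannot be decoded with the configured encoding
     */
    private Request generateRequest(RequestSource reqSource) throws Exception {
        String name = reqSource.getReqName();
        byte[] reqBytes = reqSource.getReq().getRequest();
        IRequestInfo iReqInfo = this.helpers.analyzeRequest(reqBytes);

        Request reqModel = new Request();

        // JSON, XML and multipart bodies are exported raw, URL-encoded bodies as key/value pairs.
        byte cType = iReqInfo.getContentType();
        if (cType == IRequestInfo.CONTENT_TYPE_JSON || cType == IRequestInfo.CONTENT_TYPE_MULTIPART
                || cType == IRequestInfo.CONTENT_TYPE_XML) {
            byte[] reqBodyBytes = Arrays.copyOfRange(reqBytes, iReqInfo.getBodyOffset(), reqBytes.length);
            Body body = new Body();
            body.setMode("raw");
            body.setRaw(new String(reqBodyBytes, encoding));
            reqModel.setBody(body);
        } else if (cType == IRequestInfo.CONTENT_TYPE_URL_ENCODED) {
            Body body = new Body();
            body.setMode("urlencoded");
            body.setUrlencoded(getRequestParams(iReqInfo));
            reqModel.setBody(body);
        } else if (cType != IRequestInfo.CONTENT_TYPE_NONE) {
            throw new Exception("[" + reqSource.getReqName() + "] This content type is not supported.");
        }

        // Set method
        reqModel.setMethod(iReqInfo.getMethod());

        // Set headers; index 0 is the request line (like "POST /hoge HTTP/1.1") and is skipped.
        List<Map<String, String>> headerList = new ArrayList<>();
        List<String> headers = iReqInfo.getHeaders();
        for (int num = 1; num < headers.size(); num++) {
            String line = headers.get(num);
            // Split at the first colon only: values may contain ": " themselves, and a header
            // with an empty value has nothing after the colon.
            int colon = line.indexOf(':');
            if (colon <= 0) {
                continue; // not a "name: value" line
            }
            String key = line.substring(0, colon).trim();
            if (isExcludedHeader(key)) {
                continue;
            }
            Map<String, String> headerMap = new HashMap<>();
            headerMap.put("key", key);
            headerMap.put("value", line.substring(colon + 1).trim());
            headerList.add(headerMap);
        }
        reqModel.setHeader(headerList);

        // Set URL
        reqModel.setUrl(getURL(reqSource.getReq()));

        // Set Name
        reqModel.setName(name);

        // Set folder name, creating the folder on first use
        String folderName = reqSource.getFolderName();
        if (folderName != null && !folderName.equals("")) {
            if (!folderMap.containsKey(folderName)) {
                folderMap.put(folderName, new FolderItem(folderName));
            }
            reqModel.setFolder(folderName);
        }

        return reqModel;
    }

    /** Returns true when the header name is in EXCLUDED_HEADERS; header names are case-insensitive. */
    private static boolean isExcludedHeader(String headerName) {
        for (String excluded : EXCLUDED_HEADERS) {
            if (excluded.equalsIgnoreCase(headerName)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Collects the body parameters of a URL-encoded request as decoded key/value pairs.
     *
     * @throws Exception if a body parameter value cannot be URL-decoded with the configured encoding
     */
    private List<BodyKeyValue> getRequestParams(IRequestInfo iReqInfo) throws Exception {
        List<BodyKeyValue> data = new ArrayList<>();
        for (IParameter param : iReqInfo.getParameters()) {
            // Only body parameters are exported, so only they are decoded; a malformed escape
            // in a URL or cookie parameter must not abort the export.
            if (param.getType() != IParameter.PARAM_BODY) {
                continue;
            }
            BodyKeyValue keyValue = new BodyKeyValue();
            keyValue.setKey(param.getName());
            keyValue.setValue(URLDecoder.decode(param.getValue(), this.encoding));
            data.add(keyValue);
        }
        return data;
    }

    /**
     * Builds the absolute URL of a request from its HTTP service and the target in its request line.
     */
    private String getURL(IHttpRequestResponse requestResponse) {
        IHttpService iHS = requestResponse.getHttpService();
        String protocol = iHS.getProtocol();
        int port = iHS.getPort();

        // Leave the port out only when it is the default for this scheme; 443 over http or
        // 80 over https has to stay in the URL.
        boolean defaultPort = (port == 80 && "http".equalsIgnoreCase(protocol))
                || (port == 443 && "https".equalsIgnoreCase(protocol));
        String urlPort = defaultPort ? "" : ":" + port;

        // Second token of the request line; empty when the request line is malformed.
        // NOTE(review): the bytes are decoded with the platform default charset, as before.
        String[] requestLine = new String(requestResponse.getRequest()).split("\n")[0].split(" ");
        String uri = requestLine.length > 1 ? requestLine[1] : "";

        // An absolute-form target already carries scheme and host.
        if (uri.startsWith("http")) {
            return uri;
        }
        return protocol + "://" + iHS.getHost() + urlPort + uri;
    }

}
-------------------------------------------------------------------------------- /src/main/java/assess/PostmanFrame.java: -------------------------------------------------------------------------------- 1 | package assess; 2 | 3 | import java.awt.Color; 4 | import java.awt.Cursor; 5 | import java.awt.Dimension; 6 | import java.awt.Font; 7 | import java.awt.Label; 8 | import java.awt.event.ActionEvent; 9 | import java.awt.event.ActionListener; 10 | import java.awt.event.MouseEvent; 11 | import java.awt.event.MouseListener; 12 | import java.awt.event.MouseMotionListener; 13 | import java.io.PrintWriter; 14 | import java.io.StringWriter; 15 | import java.io.UnsupportedEncodingException;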
16 | import java.util.ArrayList; 17 | import java.util.List; 18 | 19 | import javax.swing.ImageIcon; 20 | import javax.swing.JButton; 21 | import javax.swing.JFrame; 22 | import javax.swing.JLabel; 23 | import javax.swing.JPanel; 24 | import javax.swing.JScrollPane; 25 | import javax.swing.JTable; 26 | import javax.swing.JTextField; 27 | 28 | import assess.model.RequestSource; 29 | import burp.IBurpExtenderCallbacks; 30 | import burp.IExtensionHelpers; 31 | import burp.IHttpRequestResponse; 32 | import burp.IHttpService; 33 | import burp.IRequestInfo; 34 | 35 | public class PostmanFrame extends JFrame implements MouseMotionListener, MouseListener { 36 | 37 | private static final long serialVersionUID = -3439093083112839349L; 38 | 39 | private JPanel mainPanel; 40 | 41 | private JLabel encodingLabel; 42 | private JTextField encodingTextField; 43 | private static String encoding = "UTF-8"; 44 | private Label titleLabel; 45 | private JLabel noteLabel; 46 | private JLabel colNameLabel; 47 | private JTextField colNameTextField; 48 | private JLabel folderNameLabel; 49 | private JTextField folderNameTextField; 50 | private JButton setFolderNameBtn; 51 | private JButton exportBtn; 52 | private JLabel headerNoteLabel; 53 | 54 | private JScrollPane reqScrollPane; 55 | 56 | private List reqList; 57 | private IExtensionHelpers helpers; 58 | private IBurpExtenderCallbacks callbacks; 59 | 60 | private int reqCount; 61 | 62 | /** Table for Requests */ 63 | private JTable requestsTable; 64 | 65 | /** Table Model */ 66 | private PostmanTableModel tableModel; 67 | 68 | /** Triangle Label for resize */ 69 | JLabel triangleLabel; 70 | 71 | /** Start X of ScrollPane */ 72 | private static final int REQ_PANE_X = 10; 73 | 74 | /** Start Y of ScrollPane */ 75 | private static final int REQ_PANE_Y = 170; 76 | 77 | /** Width of ScrollPane */ 78 | private static final int REQ_PANE_WIDTH = 900; 79 | 80 | /** Height of ScrollPane */ 81 | private static final int REQ_PANE_HEIGHT = 250; 82 | 83 
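/** Minimum space kept between the right side of reqScrollPane and that of this frame. */
    private static final int MINIMUM_SPACE_OF_REQPANE_RIGHTSIDE = 100;

    /** Resize flag. While true, {@link #mouseDragged} may resize reqScrollPane. */
    boolean resizeFlg = false;

    /**
     * Creates the settings frame at the given screen position and builds its widgets.
     *
     * @param posX     x position of the frame
     * @param posY     y position of the frame
     * @param reqCount number of requests, i.e. number of rows of the requests table
     */
    public PostmanFrame(int posX, int posY, int reqCount) {
        this.setBounds(posX, posY, 1200, 540);
        java.net.URL iconUrl = getClass().getClassLoader().getResource("TG-16-16.png");
        // getResource returns null when the icon is missing; the frame then keeps the default icon.
        if (iconUrl != null) {
            this.setIconImage(new ImageIcon(iconUrl).getImage());
        }

        this.reqCount = reqCount;

        render();
    }

    /** Creates all widgets, wires the button listeners and lays everything out with absolute bounds. */
    private void render() {
        mainPanel = new JPanel();
        mainPanel.setLayout(null);
        mainPanel.addMouseMotionListener(this);
        mainPanel.addMouseListener(this);
        titleLabel = new Label("Postman Integration Setting");
        titleLabel.setForeground(new Color(229, 137, 0));
        titleLabel.setFont(new Font("Dialog", Font.BOLD, 15));
        noteLabel = new JLabel("These settings let you configure Postman Integration.");
        encodingLabel = new JLabel("Encoding:");
        encodingTextField = new JTextField(encoding);
        colNameLabel = new JLabel("Collection Name:");
        colNameTextField = new JTextField("");
        folderNameLabel = new JLabel("Folder Name:");
        folderNameTextField = new JTextField("");
        tableModel = new PostmanTableModel(reqCount);
        requestsTable = new JTable(tableModel);

        // Render the excluded header names as: [ "a", "b" ]
        StringBuilder sb = new StringBuilder("[ ");
        for (int i = 0; i < ExportProcessor.EXCLUDED_HEADERS.length; i++) {
            if (i > 0) {
                sb.append(", ");
            }
            sb.append("\"").append(ExportProcessor.EXCLUDED_HEADERS[i]).append("\"");
        }
        sb.append(" ]");
        headerNoteLabel = new JLabel("The following request headers will not be exported. " + sb.toString());

        // The first three columns get a fixed width; the URL column takes the rest of the pane.
        requestsTable.getColumnModel().getColumn(PostmanTableModel.FOLDER_NAME_INDEX).setPreferredWidth(75);
        requestsTable.getColumnModel().getColumn(PostmanTableModel.NAME_COLUMN_INDEX).setPreferredWidth(75);
        requestsTable.getColumnModel().getColumn(PostmanTableModel.METHOD_COLUMN_INDEX).setPreferredWidth(75);
        requestsTable.getColumnModel().getColumn(PostmanTableModel.URL_COLUMN_INDEX)
                .setPreferredWidth(REQ_PANE_WIDTH - 75 - 75 - 75);

        // Scroll pane for the requests table
        reqScrollPane = new JScrollPane(requestsTable);
        reqScrollPane.setHorizontalScrollBarPolicy(JScrollPane.HORIZONTAL_SCROLLBAR_NEVER);

        // Triangle label marking the resize handle of the requests scroll pane
        triangleLabel = new JLabel("▶");
        triangleLabel.setForeground(new Color(229, 137, 0));
        triangleLabel.setFont(new Font("Dialog", Font.BOLD, 18));

        // Export button
        exportBtn = new JButton("Export");
        exportBtn.addActionListener(new ActionListener() {
            @Override
            public void actionPerformed(ActionEvent e) {
                // Pair every captured request with the name and folder currently shown in the table.
                List<RequestSource> reqSrcList = new ArrayList<>();
                for (int i = 0; i < reqList.size(); i++) {
                    RequestSource rs = new RequestSource(reqList.get(i),
                            (String) tableModel.getValueAt(i, PostmanTableModel.NAME_COLUMN_INDEX),
                            (String) tableModel.getValueAt(i, PostmanTableModel.FOLDER_NAME_INDEX));
                    reqSrcList.add(rs);
                }
                // NOTE(review): the collection is built from the captured requests. Only the headers in
                // ExportProcessor.EXCLUDED_HEADERS (defined outside this file) are announced as dropped,
                // so other header values and request bodies presumably reach the output file; handle
                // the exported collection as sensitive data and confirm in ExportProcessor.
                ExportProcessor expProcessor = new ExportProcessor(reqSrcList, callbacks, getEncoding(),
                        colNameTextField.getText());

                try {
                    expProcessor.process();
                } catch (Exception ex) {
                    StringWriter sw = new StringWriter();
                    PrintWriter pw = new PrintWriter(sw);
                    ex.printStackTrace(pw);
                    pw.flush();
                    String stackTrace = sw.toString();
                    // The full stack trace goes to the extension's error stream, the alert only gets the message.
                    PrintWriter stderr = new PrintWriter(callbacks.getStderr(), true);
                    stderr.println(stackTrace);
                    callbacks.issueAlert(
                            "Some error happened. Please check Burp Extensions Errors tab. Message:" + ex.getMessage());
                }

                // Remember the (validated) encoding for later use.
                encoding = getEncoding();
            }
        });

        // "Set ALL" button: copies the folder name field into every row
        setFolderNameBtn = new JButton("Set ALL");
        setFolderNameBtn.addActionListener(new ActionListener() {
            @Override
            public void actionPerformed(ActionEvent e) {
                for (int i = 0; i < reqCount; i++) {
                    tableModel.setValueAt(folderNameTextField.getText(), i, PostmanTableModel.FOLDER_NAME_INDEX);
                }
            }
        });

        // set location and size
        titleLabel.setBounds(10, 10, 284, 23);
        noteLabel.setBounds(14, 40, 500, 15);
        encodingLabel.setBounds(15, 65, 69, 23);
        encodingTextField.setBounds(140, 62, 104, 28);
        colNameLabel.setBounds(15, 98, 112, 23);
        colNameTextField.setBounds(139, 95, 179, 28);
        folderNameLabel.setBounds(15, 129, 112, 23);
        folderNameTextField.setBounds(138, 129, 179, 28);
        setFolderNameBtn.setBounds(329, 129, 91, 28);
        reqScrollPane.setLocation(REQ_PANE_X, REQ_PANE_Y);
        reqScrollPane.setSize(REQ_PANE_WIDTH, REQ_PANE_HEIGHT);
        triangleLabel.setBounds(REQ_PANE_X + REQ_PANE_WIDTH + 5, REQ_PANE_Y + 70, 20, 110);
        exportBtn.setBounds(15, 430, 91, 28);
        headerNoteLabel.setBounds(14, 462, 796, 28);

        // add to pane (the encoding and collection-name widgets go to the content pane directly,
        // everything else to mainPanel; the order is kept as the layout depends on it)
        mainPanel.add(titleLabel);
        mainPanel.add(noteLabel);
        getContentPane().add(encodingLabel);
        getContentPane().add(encodingTextField);
        getContentPane().add(colNameLabel);
        getContentPane().add(colNameTextField);
        mainPanel.add(reqScrollPane);
        mainPanel.add(triangleLabel);
        mainPanel.add(folderNameLabel);
        mainPanel.add(folderNameTextField);
        mainPanel.add(setFolderNameBtn);
        mainPanel.add(exportBtn);
        mainPanel.add(headerNoteLabel);
        getContentPane().add(mainPanel);
    }

    /** @return the table model backing the requests table */
    public PostmanTableModel getTableModel() {
        return this.tableModel;
    }

    /**
     * Returns the encoding name typed into the encoding field when the JVM supports it.
     *
     * @return the entered encoding name, or the {@code file.encoding} system property when the
     *         entered name is not a supported encoding
     */
    public String getEncoding() {
        String entered = encodingTextField.getText();
        try {
            // Encoding a dummy string is only a probe for "is this charset name usable".
            "dummy".getBytes(entered);
            return entered;
        } catch (UnsupportedEncodingException e) {
            return System.getProperty("file.encoding");
        }
    }

    /**
     * Stores the requests to export and fills the table with a sequence name, the method and the
     * URL of each request.
     *
     * @param reqList   requests selected in Burp
     * @param callbacks Burp callbacks, used for helpers, error output and alerts
     */
    public void setRequest(List<IHttpRequestResponse> reqList, IBurpExtenderCallbacks callbacks) {
        this.reqList = reqList;
        this.callbacks = callbacks;
        this.helpers = callbacks.getHelpers();
        for (int i = 0; i < reqList.size(); i++) {
            IHttpRequestResponse reqRes = reqList.get(i);
            IRequestInfo iReqInfo = helpers.analyzeRequest(reqRes.getRequest());
            // Default name is the 1-based position, zero padded to three digits.
            String name = String.format("%03d", i + 1);
            String method = iReqInfo.getMethod();
            String url = getURL(reqRes);

            /* set value on table */
            this.tableModel.setValueAt(name, i, PostmanTableModel.NAME_COLUMN_INDEX);
            this.tableModel.setValueAt(method, i, PostmanTableModel.METHOD_COLUMN_INDEX);
            this.tableModel.setValueAt(url, i, PostmanTableModel.URL_COLUMN_INDEX);
        }
    }

    /**
     * Builds the URL shown in the table from the request line and the HTTP service.
     *
     * <p>The port is left out only when it is the default port of the service's own protocol
     * (80 for http, 443 for https). A request target that is already absolute is returned as is.
     *
     * @param requestResponse captured request
     * @return the URL of the request
     * @throws ArrayIndexOutOfBoundsException if the request line has no request target
     */
    private String getURL(IHttpRequestResponse requestResponse) {
        IHttpService iHS = requestResponse.getHttpService();
        String protocol = iHS.getProtocol();
        int port = iHS.getPort();
        boolean defaultPort = ("http".equalsIgnoreCase(protocol) && port == 80)
                || ("https".equalsIgnoreCase(protocol) && port == 443);
        String urlPort = defaultPort ? "" : ":" + port;

        // Second token of the first line is the request target.
        String uri = new String(requestResponse.getRequest()).split("\n")[0].split(" ")[1];
        if (uri.startsWith("http")) {
            return uri;
        }
        return protocol + "://" + iHS.getHost() + urlPort + uri;
    }

    /** Resizes reqScrollPane while the pointer is dragged from the resize area. */
    @Override
    public void mouseDragged(MouseEvent e) {
        // Resizing is allowed only while resizeFlg is set, the pointer is right of x = 150 and
        // some space is left on the right side of the frame.
        if (resizeFlg && e.getX() > 150 && e.getX() < this.getWidth() - MINIMUM_SPACE_OF_REQPANE_RIGHTSIDE) {

            // change mouse cursor
            e.getComponent().setCursor(Cursor.getPredefinedCursor(Cursor.E_RESIZE_CURSOR));

            // reqScrollPane is resized.
            reqScrollPane.setSize(new Dimension(e.getX() - REQ_PANE_X, REQ_PANE_HEIGHT));
            reqScrollPane.repaint();
            reqScrollPane.revalidate();

            // triangleLabel follows the right edge of the pane.
            triangleLabel.setBounds(e.getX() + 5, REQ_PANE_Y, 20, 110);
            triangleLabel.repaint();
            triangleLabel.revalidate();

            // Repaint
            this.repaint();
            this.revalidate();
        }
    }

    /** Shows the resize cursor and arms resizing only while the pointer is on the resize area. */
    @Override
    public void mouseMoved(MouseEvent e) {
        int x = e.getX();
        int y = e.getY();
        int w = REQ_PANE_X + reqScrollPane.getWidth();

        // The resize area is the 10 pixel wide strip right of the pane, over the pane's height.
        boolean onResizeArea = (x > w && x < w + 10) && (y > REQ_PANE_Y && y < REQ_PANE_Y + REQ_PANE_HEIGHT);

        e.getComponent().setCursor(
                Cursor.getPredefinedCursor(onResizeArea ? Cursor.E_RESIZE_CURSOR : Cursor.DEFAULT_CURSOR));
        // The flag is read by mouseDragged. It is cleared again when the pointer leaves the strip,
        // so a drag started elsewhere on the panel does not resize the pane.
        resizeFlg = onResizeArea;
    }

    @Override
    public void mouseClicked(MouseEvent e) {
    }

    @Override
    public void mouseEntered(MouseEvent e) {
    }

    @Override
    public void mouseExited(MouseEvent e) {
        // When the pointer leaves this pane, the cursor is changed back to the default one.
        e.getComponent().setCursor(Cursor.getPredefinedCursor(Cursor.DEFAULT_CURSOR));
    }

    @Override
    public void mousePressed(MouseEvent e) {
    }

    @Override
    public void mouseReleased(MouseEvent e) {
        // On release the cursor is changed back to the default one and the resize flag is
        // always cleared.
        e.getComponent().setCursor(Cursor.getPredefinedCursor(Cursor.DEFAULT_CURSOR));
        resizeFlg = false;
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/PostmanTableModel.java:
--------------------------------------------------------------------------------
package assess;

import javax.swing.event.TableModelEvent;
import javax.swing.event.TableModelListener;
import javax.swing.table.AbstractTableModel;

/** Table model of the requests table: one row per request, columns Folder, Name, Method and URL. */
public class PostmanTableModel extends AbstractTableModel implements TableModelListener {

    private static final long serialVersionUID = 5767402190172442585L;

    /** Table data */
    private Object[][] tableData;

    /** Table Column Name */
    private static final String[] columnNames = {"Folder", "Name", "Method", "URL"};

    /** Table Row Count */
    public int tableRowCount;

    /** Table Column Count */
    public static final int TABLE_COLUMN_COUNT = 4;

    /** Table column index */
    public static final int FOLDER_NAME_INDEX = 0;
    public static final int NAME_COLUMN_INDEX = 1;
    public static final int METHOD_COLUMN_INDEX = 2;
    public static final int URL_COLUMN_INDEX = 3;

    /**
     * Creates a model with {@code tableRowCount} rows whose cells all start as empty strings.
     *
     * @param tableRowCount number of rows
     */
    public PostmanTableModel(int tableRowCount) {
        this.tableRowCount = tableRowCount;
        tableData = new Object[tableRowCount][TABLE_COLUMN_COUNT];
        for (int i = 0; i < tableRowCount; i++) {
            for (int j = 0; j < TABLE_COLUMN_COUNT; j++) {
                tableData[i][j] = "";
            }
        }

        // add listener
        addTableModelListener(this);
    }

    /** @return the backing array itself (not a copy) */
    public Object[][] getTabledata() {
        return this.tableData;
    }

    @Override
    public int getColumnCount() {
        return TABLE_COLUMN_COUNT;
    }

    @Override
    public int getRowCount() {
        return tableRowCount;
    }

    @Override
    public Object getValueAt(int rowIndex, int columnIndex) {
        return tableData[rowIndex][columnIndex];
    }

    @Override
    public String getColumnName(int columnIndex) {
        return columnNames[columnIndex];
    }

    /**
     * Returns the class of the value in the first row of the column.
     *
     * @return that class, or {@code Object.class} when the table has no rows or the cell is null
     */
    @Override
    public Class<?> getColumnClass(int columnIndex) {
        if (tableRowCount == 0) {
            return Object.class;
        }
        Object first = getValueAt(0, columnIndex);
        return first == null ? Object.class : first.getClass();
    }

    /** Only the Name and Folder columns can be edited. */
    @Override
    public boolean isCellEditable(int rowIndex, int columnIndex) {
        return columnIndex == NAME_COLUMN_INDEX || columnIndex == FOLDER_NAME_INDEX;
    }

    @Override
    public void setValueAt(Object aValue, int rowIndex, int columnIndex) {
        tableData[rowIndex][columnIndex] = aValue;
        fireTableDataChanged();
    }

    //
    // implement TableModelListener
    //
    @Override
    public void tableChanged(TableModelEvent e) {
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/model/Body.java:
--------------------------------------------------------------------------------
package assess.model;

import java.util.List;
import java.util.ArrayList;

/** Request body of an exported item: a mode plus either url-encoded pairs or raw text. */
public class Body {
    // NOTE(review): element type inferred from BodyKeyValue in this package; confirm against the caller.
    private List<BodyKeyValue> urlencoded = new ArrayList<>();
    private String mode;
    private String raw;

    public void setMode(String mode) {
        this.mode = mode;
    }

    public String getMode() {
        return this.mode;
    }

    public void setUrlencoded(List<BodyKeyValue> urlencoded) {
        this.urlencoded = urlencoded;
    }

    public List<BodyKeyValue> getUrlencoded() {
        return this.urlencoded;
    }

    public void setRaw(String raw) {
        this.raw = raw;
    }

    public String getRaw() {
        return this.raw;
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/model/BodyKeyValue.java:
--------------------------------------------------------------------------------
package assess.model;

/** One key/value entry of a body; {@code type} defaults to "text" and {@code disabled} to false. */
public class BodyKeyValue {
    private String key;
    private String value;
    private String type = "text";
    private boolean disabled = false;

    public String getKey() {
        return key;
    }

    public void setKey(String key) {
        this.key = key;
    }

    public String getValue() {
        return value;
    }

    public void setValue(String value) {
        this.value = value;
    }

    public String getType() {
        return type;
    }

    public void setType(String type) {
        this.type = type;
    }

    public boolean isDisabled() {
        return this.disabled;
    }

    public void setDisabled(boolean disabled) {
        this.disabled = disabled;
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/model/Collection.java:
--------------------------------------------------------------------------------
package assess.model;

import java.util.ArrayList;
import java.util.List;
import java.util.UUID;

/** Root object of an exported collection: an info header and the list of items. */
public class Collection {
    private Info info;
    // NOTE(review): element type inferred from the Item hierarchy (FolderItem, RequestItem); confirm.
    private List<Item> item = new ArrayList<>();

    /** Collection header; a random UUID is assigned as id on creation. */
    static class Info {
        private String _postman_id;
        private String name;
        private String schema = "https://schema.getpostman.com/json/collection/v2.0.0/collection.json";

        public Info(String name) {
            super();
            this._postman_id = UUID.randomUUID().toString();
            this.name = name;
        }
    }

    public Collection(String name) {
        super();
        this.info = new Info(name);
    }

    public String getId() {
        return this.info._postman_id;
    }

    public void setId(String id) {
        this.info._postman_id = id;
    }

    public List<Item> getItem() {
        return this.item;
    }

    public void setItem(List<Item> item) {
        this.item = item;
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/model/Folder.java:
--------------------------------------------------------------------------------
package assess.model;

import java.util.ArrayList;
import java.util.List;
import java.util.UUID;

/** Named folder holding request items. */
public class Folder {
    private String name;
    private List<RequestItem> item = new ArrayList<>();

    public Folder(String name) {
        this.name = name;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    /** Appends (does not replace) a request item. */
    public void setRequestItem(RequestItem reqItem) {
        this.item.add(reqItem);
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/model/FolderItem.java:
--------------------------------------------------------------------------------
package assess.model;

import java.util.List;
import java.util.ArrayList;

/** Item that groups request items under a folder name. */
public class FolderItem extends Item {
    private List<RequestItem> item = new ArrayList<>();

    public FolderItem(String name) {
        super();
        this.name = name;
    }

    public void addRequest(RequestItem reqItem) {
        this.item.add(reqItem);
    }

    public List<RequestItem> getItem() {
        return this.item;
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/model/Item.java:
--------------------------------------------------------------------------------
package assess.model;

/** Base class of collection entries; carries only the display name. */
public abstract class Item {
    protected String name;

    public void setName(String name) {
        this.name = name;
    }

    public String getName() {
        return this.name;
    }
}
--------------------------------------------------------------------------------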
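/src/main/java/assess/model/Request.java:
--------------------------------------------------------------------------------
package assess.model;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;

/** One exported request: headers, URL, method and body, plus a name and folder used for grouping. */
public class Request {
    // NOTE(review): element type reconstructed from this file's Map/HashMap imports; confirm
    // against the code that fills the header list.
    private List<Map<String, String>> header = new ArrayList<>();
    private String url;
    private String method;
    private Body body;
    // name and folder are transient, presumably so the serializer leaves them out of the
    // request object; confirm in ExportProcessor.
    private transient String name;
    private transient String folder = null;

    public Request() {
        super();
    }

    public List<Map<String, String>> getHeader() {
        return header;
    }

    public void setHeader(List<Map<String, String>> header) {
        this.header = header;
    }

    public String getUrl() {
        return url;
    }

    public void setUrl(String url) {
        this.url = url;
    }

    public String getMethod() {
        return method;
    }

    public void setMethod(String method) {
        this.method = method;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public void setBody(Body body) {
        this.body = body;
    }

    public Body getBody() {
        return this.body;
    }

    public String getFolder() {
        return folder;
    }

    public void setFolder(String folder) {
        this.folder = folder;
    }
}
--------------------------------------------------------------------------------
/src/main/java/assess/model/RequestItem.java:
--------------------------------------------------------------------------------
package assess.model;

/** Item that wraps a single {@link Request}. */
public class RequestItem extends Item {
    private Request request;

    public RequestItem() {
        super();
    }

    public void setRequest(Request req) {
        this.request = req;
    }
}
--------------------------------------------------------------------------------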
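/src/main/java/assess/model/RequestSource.java:
--------------------------------------------------------------------------------
package assess.model;

import burp.IHttpRequestResponse;

/** A captured request together with the name and folder name chosen for it in the table. */
public class RequestSource {

    private IHttpRequestResponse req;
    private String reqName;
    private String folderName;

    public RequestSource(IHttpRequestResponse req, String reqName, String folderName) {
        super();
        this.req = req;
        this.reqName = reqName;
        this.folderName = folderName;
    }

    public IHttpRequestResponse getReq() {
        return req;
    }

    public void setReq(IHttpRequestResponse req) {
        this.req = req;
    }

    public String getReqName() {
        return reqName;
    }

    public void setReqName(String reqName) {
        this.reqName = reqName;
    }

    public String getFolderName() {
        return folderName;
    }

    public void setFolderName(String folderName) {
        this.folderName = folderName;
    }

}
--------------------------------------------------------------------------------
/src/main/java/burp/BurpExtender.java:
--------------------------------------------------------------------------------
package burp;

import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.List;

import javax.swing.JMenuItem;
import javax.swing.SwingUtilities;

import assess.PostmanFrame;

/** Extension entry point: registers a context menu entry that opens the export settings frame. */
public class BurpExtender implements IBurpExtender, IContextMenuFactory {
    private IExtensionHelpers helpers;
    private PrintWriter stderr;

    // Extension Name
    public static final String EXTENSION_NAME = "Postman Integration";

    // Extension Version
    public static final String VERSION_INFO = "2.0";

    // JFrame Title
    public static final String FRAME_TITLE = "Postman Integration";

    private IBurpExtenderCallbacks callbacks;

    @Override
    public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
        // set extension name
        callbacks.setExtensionName(EXTENSION_NAME + " " + VERSION_INFO);
        callbacks.registerContextMenuFactory(this);

        // obtain error streams
        stderr = new PrintWriter(callbacks.getStderr(), true);

        // set helper
        this.helpers = callbacks.getHelpers();

        // set callbacks
        this.callbacks = callbacks;
    }

    /**
     * IContextMenuFactory: offers "Export as Postman Collection" for the selected messages.
     *
     * @param invocation context menu invocation supplying the selected messages
     * @return a list holding the single export menu item
     */
    @Override
    public List<JMenuItem> createMenuItems(IContextMenuInvocation invocation) {
        List<JMenuItem> menuList = new ArrayList<>();
        JMenuItem item = new JMenuItem("Export as Postman Collection");

        item.addActionListener(event -> {
            IHttpRequestResponse[] requestResponseArray = invocation.getSelectedMessages();
            // Nothing selected: there is nothing to export, so no frame is opened.
            if (requestResponseArray == null) {
                return;
            }
            SwingUtilities.invokeLater(() -> {
                try {
                    // Generate Request List
                    List<IHttpRequestResponse> reqList = new ArrayList<>(requestResponseArray.length);
                    for (IHttpRequestResponse requestResponse : requestResponseArray) {
                        reqList.add(requestResponse);
                    }

                    int posX = 20; // View X position
                    int posY = 20; // View Y position
                    PostmanFrame frame = new PostmanFrame(posX, posY, reqList.size());

                    frame.setRequest(reqList, BurpExtender.this.callbacks);

                    // Set Title to Viewer
                    frame.setTitle(FRAME_TITLE);

                    // Show Viewer
                    frame.setVisible(true);

                } catch (Exception ex) {
                    // The full stack trace goes to the extension's error stream, the alert only
                    // gets the message.
                    StringWriter sw = new StringWriter();
                    PrintWriter pw = new PrintWriter(sw);
                    ex.printStackTrace(pw);
                    pw.flush();
                    String stackTrace = sw.toString();
                    stderr.println(stackTrace);
                    BurpExtender.this.callbacks.issueAlert(
                            "Some error happened. Please check Burp Extensions Errors tab. Message:" + ex.getMessage());
                }
            });
        });
        menuList.add(item);
        return menuList;
    }
}
--------------------------------------------------------------------------------
/src/main/resources/TG-16-16.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/PortSwigger/postman-integration/36a1a3f928a1a74f449800e793de84bf19a852af/src/main/resources/TG-16-16.png
--------------------------------------------------------------------------------
/src/main/resources/TG-32-32.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/PortSwigger/postman-integration/36a1a3f928a1a74f449800e793de84bf19a852af/src/main/resources/TG-32-32.png
--------------------------------------------------------------------------------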