├── LICENSE ├── Part 1 ├── Plugin compiled │ └── HelloWorld-1.0-SNAPSHOT.jar └── Plugin sources │ ├── build.gradle │ └── src │ └── main │ └── java │ └── org │ └── fd │ └── montoyatutorial │ └── HelloWorld.java ├── Part 2 ├── Example backend code │ ├── README.md │ ├── backend.py │ └── requirements.txt ├── Plugin compiled │ └── HttpHandlerExample-1.0-SNAPSHOT.jar └── Plugin sources │ ├── build.gradle │ └── src │ └── main │ └── java │ └── org │ └── fd │ └── montoyatutorial │ ├── CustomHttpHandler.java │ └── HttpHandlerExample.java ├── Part 3 ├── Example backend code │ ├── README.md │ ├── app.py │ ├── app_namespace.py │ ├── requirements.txt │ ├── sessions.py │ └── templates │ │ ├── index.html │ │ └── sessions.html ├── Plugin compiled │ └── WebsocketExample-1.0-SNAPSHOT.jar └── Plugin sources │ ├── build.gradle │ └── src │ └── main │ └── java │ ├── CustomWebsocketCreatedHandler.java │ ├── CustomWebsocketHandler.java │ └── WebsocketExample.java ├── Part 4 ├── Example backend code │ ├── README.md │ ├── backend.py │ └── requirements.txt ├── Plugin compiled │ └── HttpRequestResponseEditorExample-1.0-SNAPSHOT.jar └── Plugin sources │ ├── build.gradle │ └── src │ └── main │ └── java │ └── org │ └── fd │ └── montoyatutorial │ ├── CustomHttpRequestEditorTab.java │ ├── CustomHttpRequestResponseEditor.java │ ├── CustomHttpResponseEditorTab.java │ └── HttpRequestResponseEditorExample.java ├── Part 5 ├── Example backend code │ ├── README.md │ ├── backend.py │ └── requirements.txt ├── Plugin compiled │ └── ContextMenuExample-1.0-SNAPSHOT.jar └── Plugin sources │ ├── build.gradle │ └── src │ └── main │ └── java │ └── org │ └── fd │ └── montoyatutorial │ ├── ContextMenuExample.java │ └── CustomContextMenuItemProvider.java ├── Part 6 ├── Example backend application │ └── sampleCommonsCollections3.war ├── Plugin compiled │ └── ScanCheckExample-1.0-SNAPSHOT.jar └── Plugin sources │ ├── build.gradle │ └── src │ └── main │ └── java │ └── org │ └── fd │ └── montoyatutorial │ ├── CustomScanCheck.java │ ├── ScanCheckExample.java │ └── StaticItems.java ├── Part 7 ├── Example backend application │ └── sampleCommonsCollections3.war ├── Plugin compiled │ └── ScanCheckCollaboratorExample-1.0-SNAPSHOT.jar └── Plugin sources │ ├── build.gradle │ └── src │ └── main │ └── java │ └── org │ └── fd │ └── montoyatutorial │ ├── CollaboratorScanCheckExample.java │ ├── CustomCollaboratorScanCheck.java │ └── StaticItems.java ├── Part 8 ├── BChecks │ ├── 1 - Passive SQL exception check.bcheck │ ├── 2 - Active SQL Injection check.bcheck │ ├── 3 - Active SQL Injection check with less FP.bcheck │ ├── 4 - Blind SQL Injection check.bcheck │ ├── 5 - SSRF check.bcheck │ └── 6 - SSRF check improved.bcheck └── Example backend code │ ├── README.md │ ├── backend.py │ ├── requirements.txt │ └── test.db └── README.md /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/LICENSE -------------------------------------------------------------------------------- /Part 1/Plugin compiled/HelloWorld-1.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 1/Plugin compiled/HelloWorld-1.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /Part 1/Plugin sources/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 1/Plugin sources/build.gradle -------------------------------------------------------------------------------- /Part 1/Plugin sources/src/main/java/org/fd/montoyatutorial/HelloWorld.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 1/Plugin sources/src/main/java/org/fd/montoyatutorial/HelloWorld.java -------------------------------------------------------------------------------- /Part 2/Example backend code/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 2/Example backend code/README.md -------------------------------------------------------------------------------- /Part 2/Example backend code/backend.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 2/Example backend code/backend.py -------------------------------------------------------------------------------- /Part 2/Example backend code/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==2.3.2 2 | -------------------------------------------------------------------------------- /Part 2/Plugin compiled/HttpHandlerExample-1.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 2/Plugin compiled/HttpHandlerExample-1.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /Part 2/Plugin sources/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 2/Plugin sources/build.gradle -------------------------------------------------------------------------------- /Part 2/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 2/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpHandler.java -------------------------------------------------------------------------------- /Part 2/Plugin sources/src/main/java/org/fd/montoyatutorial/HttpHandlerExample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 2/Plugin sources/src/main/java/org/fd/montoyatutorial/HttpHandlerExample.java -------------------------------------------------------------------------------- /Part 3/Example backend code/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Example backend code/README.md -------------------------------------------------------------------------------- /Part 3/Example backend code/app.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Example backend code/app.py -------------------------------------------------------------------------------- /Part 3/Example backend code/app_namespace.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Example backend code/app_namespace.py -------------------------------------------------------------------------------- /Part 3/Example backend code/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Example backend code/requirements.txt -------------------------------------------------------------------------------- /Part 3/Example backend code/sessions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Example backend code/sessions.py -------------------------------------------------------------------------------- /Part 3/Example backend code/templates/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Example backend code/templates/index.html -------------------------------------------------------------------------------- /Part 3/Example backend code/templates/sessions.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Example backend code/templates/sessions.html -------------------------------------------------------------------------------- /Part 3/Plugin compiled/WebsocketExample-1.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Plugin compiled/WebsocketExample-1.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /Part 3/Plugin sources/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Plugin sources/build.gradle -------------------------------------------------------------------------------- /Part 3/Plugin sources/src/main/java/CustomWebsocketCreatedHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Plugin sources/src/main/java/CustomWebsocketCreatedHandler.java -------------------------------------------------------------------------------- /Part 3/Plugin sources/src/main/java/CustomWebsocketHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Plugin sources/src/main/java/CustomWebsocketHandler.java -------------------------------------------------------------------------------- /Part 3/Plugin sources/src/main/java/WebsocketExample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 3/Plugin sources/src/main/java/WebsocketExample.java -------------------------------------------------------------------------------- /Part 4/Example backend code/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Example backend code/README.md -------------------------------------------------------------------------------- /Part 4/Example backend code/backend.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Example backend code/backend.py -------------------------------------------------------------------------------- /Part 4/Example backend code/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==2.3.2 2 | pycryptodome==3.18.0 3 | -------------------------------------------------------------------------------- /Part 4/Plugin compiled/HttpRequestResponseEditorExample-1.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Plugin compiled/HttpRequestResponseEditorExample-1.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /Part 4/Plugin sources/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Plugin sources/build.gradle -------------------------------------------------------------------------------- /Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpRequestEditorTab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpRequestEditorTab.java -------------------------------------------------------------------------------- /Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpRequestResponseEditor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpRequestResponseEditor.java -------------------------------------------------------------------------------- /Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpResponseEditorTab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomHttpResponseEditorTab.java -------------------------------------------------------------------------------- /Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/HttpRequestResponseEditorExample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 4/Plugin sources/src/main/java/org/fd/montoyatutorial/HttpRequestResponseEditorExample.java -------------------------------------------------------------------------------- /Part 5/Example backend code/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 5/Example backend code/README.md -------------------------------------------------------------------------------- /Part 5/Example backend code/backend.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 5/Example backend code/backend.py -------------------------------------------------------------------------------- /Part 5/Example backend code/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==2.3.2 2 | pycryptodome==3.18.0 3 | -------------------------------------------------------------------------------- /Part 5/Plugin compiled/ContextMenuExample-1.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 5/Plugin compiled/ContextMenuExample-1.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /Part 5/Plugin sources/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 5/Plugin sources/build.gradle -------------------------------------------------------------------------------- /Part 5/Plugin sources/src/main/java/org/fd/montoyatutorial/ContextMenuExample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 5/Plugin sources/src/main/java/org/fd/montoyatutorial/ContextMenuExample.java -------------------------------------------------------------------------------- /Part 5/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomContextMenuItemProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 5/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomContextMenuItemProvider.java -------------------------------------------------------------------------------- /Part 6/Example backend application/sampleCommonsCollections3.war: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 6/Example backend application/sampleCommonsCollections3.war -------------------------------------------------------------------------------- /Part 6/Plugin compiled/ScanCheckExample-1.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 6/Plugin compiled/ScanCheckExample-1.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /Part 6/Plugin sources/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 6/Plugin sources/build.gradle -------------------------------------------------------------------------------- /Part 6/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomScanCheck.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 6/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomScanCheck.java -------------------------------------------------------------------------------- /Part 6/Plugin sources/src/main/java/org/fd/montoyatutorial/ScanCheckExample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 6/Plugin sources/src/main/java/org/fd/montoyatutorial/ScanCheckExample.java -------------------------------------------------------------------------------- /Part 6/Plugin sources/src/main/java/org/fd/montoyatutorial/StaticItems.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 6/Plugin sources/src/main/java/org/fd/montoyatutorial/StaticItems.java -------------------------------------------------------------------------------- /Part 7/Example backend application/sampleCommonsCollections3.war: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 7/Example backend application/sampleCommonsCollections3.war -------------------------------------------------------------------------------- /Part 7/Plugin compiled/ScanCheckCollaboratorExample-1.0-SNAPSHOT.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 7/Plugin compiled/ScanCheckCollaboratorExample-1.0-SNAPSHOT.jar -------------------------------------------------------------------------------- /Part 7/Plugin sources/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 7/Plugin sources/build.gradle -------------------------------------------------------------------------------- /Part 7/Plugin sources/src/main/java/org/fd/montoyatutorial/CollaboratorScanCheckExample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 7/Plugin sources/src/main/java/org/fd/montoyatutorial/CollaboratorScanCheckExample.java -------------------------------------------------------------------------------- /Part 7/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomCollaboratorScanCheck.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 7/Plugin sources/src/main/java/org/fd/montoyatutorial/CustomCollaboratorScanCheck.java -------------------------------------------------------------------------------- /Part 7/Plugin sources/src/main/java/org/fd/montoyatutorial/StaticItems.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 7/Plugin sources/src/main/java/org/fd/montoyatutorial/StaticItems.java -------------------------------------------------------------------------------- /Part 8/BChecks/1 - Passive SQL exception check.bcheck: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/BChecks/1 - Passive SQL exception check.bcheck -------------------------------------------------------------------------------- /Part 8/BChecks/2 - Active SQL Injection check.bcheck: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/BChecks/2 - Active SQL Injection check.bcheck -------------------------------------------------------------------------------- /Part 8/BChecks/3 - Active SQL Injection check with less FP.bcheck: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/BChecks/3 - Active SQL Injection check with less FP.bcheck -------------------------------------------------------------------------------- /Part 8/BChecks/4 - Blind SQL Injection check.bcheck: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/BChecks/4 - Blind SQL Injection check.bcheck -------------------------------------------------------------------------------- /Part 8/BChecks/5 - SSRF check.bcheck: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/BChecks/5 - SSRF check.bcheck -------------------------------------------------------------------------------- /Part 8/BChecks/6 - SSRF check improved.bcheck: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/BChecks/6 - SSRF check improved.bcheck -------------------------------------------------------------------------------- /Part 8/Example backend code/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/Example backend code/README.md -------------------------------------------------------------------------------- /Part 8/Example backend code/backend.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/Example backend code/backend.py -------------------------------------------------------------------------------- /Part 8/Example backend code/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==3.0.3 2 | requests==2.32.3 -------------------------------------------------------------------------------- /Part 8/Example backend code/test.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/Part 8/Example backend code/test.db -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/federicodotta/Burp-Suite-Extender-Montoya-Course/HEAD/README.md --------------------------------------------------------------------------------