├── .DS_Store ├── .gitignore ├── README.md ├── burplogfilter.py └── res └── burpsuite.png /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tony1016/BurpLogFilter/b6bc8e437a22a4f7745df7633659e54b50b98d96/.DS_Store -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | env/ 12 | build/ 13 | develop-eggs/ 14 | dist/ 15 | downloads/ 16 | eggs/ 17 | .eggs/ 18 | lib/ 19 | lib64/ 20 | parts/ 21 | sdist/ 22 | var/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | 27 | # PyInstaller 28 | # Usually these files are written by a python script from a template 29 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 30 | *.manifest 31 | *.spec 32 | 33 | # Installer logs 34 | pip-log.txt 35 | pip-delete-this-directory.txt 36 | 37 | # Unit test / coverage reports 38 | htmlcov/ 39 | .tox/ 40 | .coverage 41 | .coverage.* 42 | .cache 43 | nosetests.xml 44 | coverage.xml 45 | *,cover 46 | .hypothesis/ 47 | 48 | # Translations 49 | *.mo 50 | *.pot 51 | 52 | # Django stuff: 53 | *.log 54 | 55 | # Sphinx documentation 56 | docs/_build/ 57 | 58 | # PyBuilder 59 | target/ 60 | 61 | #Ipython Notebook 62 | .ipynb_checkpoints 63 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # BurpLogFilter 2 | 一个python3写的,用于过滤BurpSuite日志的小程序 3 | 4 | A python3 program to filter BurpSuite log file. 5 | 6 | # WHY? 
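7 | 8 | 为什么要写这个程序呢?强大的SqlMap支持使用BurpSuite的日志进行批量分析,但是BurpSuite的日志记录了所有走代理的流量,包括静态资源啊,重复的提交啊,这些都会影响SqlMap的分析效率。于是打算写一个小程序,可以做到: 9 | 10 | - 可以按照域名过滤请求 11 | - 可以自动过滤静态资源请求 12 | - 可以自动按照模式过滤URL,即相同URL和参数的请求,只会留其一(参数值对于SqlMap没有什么作用) 13 | 14 | Why I wrote this program?The powerful SqlMap accepts a BurpSuite log file to make batch anaylze,but the log of BurpSuite record everything,includes static resources,duplicated submits,which will reduce the efficiency of the analyze.So I wrote this utility to make: 15 | 16 | - can filter with a hostname 17 | - can filter static resources automatic 18 | - can filter duplicated submits according to the url and params(the value of params is useless for SqlMap analyze) 19 | 20 | 21 | 22 | 23 | # USAGE 24 | 25 | ### 1.勾选BurpSuite输出日志(check the logging option) 26 | 27 | ![burpsuite](https://github.com/tony1016/BurpLogFilter/raw/master/res/burpsuite.png) 28 | 29 | ### 2.使用burplogfilter.py过滤日志(use burplogfilter.py to filter log file) 30 | 31 | ```sh 32 | Usage: python3 burplogfilter.py [options] 33 | 34 | Options: 35 | -h Show this showHelp 36 | -f filepath The BurpSuite log to analyze 37 | --host keyword, --host=keyword Host name filter 38 | -v Show debug message 39 | 40 | Examples: 41 | python3 burplogfilter.py -f /tmp/burp.log --host='google.com' > burp-proxy.log 42 | ``` 43 | 44 | ### 3.使用SqlMap批量分析日志(Use SqlMap to batch analyze log) 45 | 46 | ```sh 47 | sqlmap -l burp-proxy.log --batch -smart 48 | ``` 49 | 50 | ### 4.查看分析结果(Check result) 51 | 52 | ```sh 53 | ls /usr/local/Cellar/sqlmap/0.9_1/libexec/output/ 54 | ``` 55 | 56 |
--------------------------------------------------------------------------------
/burplogfilter.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python3
#coding=utf-8
"""Filter a BurpSuite proxy log before it is passed to sqlmap with ``-l``.

A block is dropped when it requests a static resource, when its Host header
does not contain the ``--host`` keyword, or when a request with the same
method, path and query-parameter names has already been kept.

Kept blocks are printed to stdout unmodified, so whatever the proxy captured
in those requests (session cookies or credentials, if any were logged) is
still present in the filtered file. Diagnostics go to stderr so that a
redirected stdout contains only log blocks.
"""
import getopt
import sys
import re

DEBUG = False

# Patterns (as produced by generatePattern) of the requests kept so far.
url_param_patterns = []

# File extensions treated as static resources. The original tuple held the
# literal string "mp[34]", which a membership test can never match; it is
# spelled out as "mp3" and "mp4" here.
_STATIC_EXTENSIONS = frozenset((
    "bmp", "bz2", "css", "doc", "eot", "flv", "gif", "gz", "ico", "jpeg",
    "jpg", "js", "less", "mp3", "mp4", "pdf", "png", "rar", "rtf", "swf",
    "tar", "tgz", "txt", "wav", "woff", "xml", "zip",
))


def _debug(message):
    """Print *message* to stderr when -v was given.

    Debug output must not go to stdout: the usage example redirects stdout
    into the file that sqlmap later parses.
    """
    if DEBUG:
        print(message, file=sys.stderr)


def _request_target(line, methods):
    """Return ``(method, target)`` if *line* is a request line, else ``None``.

    *methods* is the tuple of accepted method tokens. The line must have at
    least a method and a non-empty target separated by a single space, which
    avoids the IndexError the bare ``line.split(" ")[1]`` could raise.
    """
    parts = line.rstrip("\r").split(" ")
    if len(parts) >= 2 and parts[0] in methods and parts[1]:
        return parts[0], parts[1]
    return None


def main():
    """Parse the command line, filter the log and print the kept blocks."""
    global DEBUG

    try:
        options, args = getopt.getopt(sys.argv[1:], "f:hv", ["host="])
    except getopt.GetoptError:
        print("[WARNING] error, to see help message of options run with '-h'", file=sys.stderr)
        # Non-zero status so a shell pipeline does not continue with an empty log.
        sys.exit(2)

    if ('-v', '') in options:
        DEBUG = True

    filename = None
    host = None

    for opt, arg in options:
        if opt == "-f":
            filename = arg.strip("'")
        if opt == "--host":
            host = arg.strip("'")
        if opt == "-h":
            showHelp()
            return

    # Without -f the original went on to call open(None) and crashed.
    if not filename:
        print("[WARNING] no log file given, to see help message of options run with '-h'", file=sys.stderr)
        sys.exit(2)

    try:
        blocks = scrapBlocks(filename)
    except OSError as err:
        print("[WARNING] cannot read %s: %s" % (filename, err), file=sys.stderr)
        sys.exit(1)

    for block in blocks:
        if isBlockUseful(block, host):
            outputBlock(block)


def scrapBlocks(filename):
    """Return the list of log blocks found in *filename*.

    A block runs from one separator line through the next two separator
    lines. The file is read as bytes and decoded before matching: applying
    the str pattern to bytes raises TypeError on Python 3. Bytes that are not
    valid UTF-8 are replaced with U+FFFD, so binary request bodies are not
    preserved exactly.
    """
    _debug("Try to anayze file %s" % filename)

    with open(filename, 'rb') as f:
        content = f.read().decode("utf-8", errors="replace")

    blocks = re.findall(r'======================================================'
                        r'.*?======================================================'
                        r'.*?======================================================', content, re.S)
    _debug("The file contains %s block(s)" % len(blocks))

    return blocks


def isBlockUseful(block, host, isFilterStaticResource=True):
    """Decide whether *block* should be kept in the filtered log.

    Args:
        block: text of one log block.
        host: keyword that the Host header value must contain, or a falsy
            value to disable host filtering.
        isFilterStaticResource: drop GET requests for static file extensions.

    Returns:
        True when the block passes all filters. As a side effect the pattern
        of every kept request is appended to ``url_param_patterns``.
    """
    lines = block.split("\n")

    # Filter static resources (GET requests only).
    if isFilterStaticResource:
        for line in lines:
            request = _request_target(line, ("GET",))
            if request is None:
                continue
            target = request[1]
            # Lower-cased so that e.g. ".JPG" is recognised as well.
            extension = target.split("?")[0].split(".")[-1].lower()
            if extension in _STATIC_EXTENSIONS:
                _debug("[DEBUG] Filter this static resource url %s" % target)
                return False

    # Filter by host.
    # NOTE: this is a substring test, as documented ("--host keyword"), so
    # "example.com" also keeps "example.com.other.tld" and "notexample.com".
    # The kept blocks feed an automated scanner; review the Host values in
    # the output when the keyword is meant to bound the scope.
    # NOTE: a block without any Host header is not rejected by this filter.
    if host:
        wanted = host.lower()
        for line in lines:
            # Header names and host names are case-insensitive; matching them
            # case-sensitively would let "host: EXAMPLE.COM" slip past.
            m = re.match(r"^Host:(.*)", line, re.I)
            if m and wanted not in m.group(1).strip().lower():
                _debug("[DEBUG] Filter this host %s" % m.group(1).strip())
                return False

    # Filter by URL pattern.
    # Only the query string on the request line contributes parameter names;
    # POST body fields are not part of the pattern, so POST requests to the
    # same path that differ only in their body are treated as duplicates.
    for line in lines:
        request = _request_target(line, ("GET", "POST"))
        if request is None:
            continue
        method, target = request
        pieces = target.split("?")
        url = pieces[0]
        params = pieces[1] if len(pieces) > 1 else ""

        pattern = generatePattern(method, url, params)
        if pattern in url_param_patterns:
            _debug("[DEBUG] Pattern %s exists" % pattern)
            return False
        url_param_patterns.append(pattern)
        _debug("[DEBUG] Add new pattern %s" % pattern)

    return True


def generatePattern(method, url, params):
    """Return ``[method, url, *sorted parameter names]`` for de-duplication.

    Parameter values are ignored; an empty *params* yields one empty name.
    """
    paramKeys = sorted(item.split("=")[0] for item in params.split("&"))
    return [method, url] + paramKeys


def outputBlock(block):
    """Print one kept block to stdout, followed by blank lines."""
    print("\n"+block+"\n\n\n\n")


def showHelp():
    """Print the banner and the usage text."""
    print("\n+-----------------------------+")
    print("| burplogfilter.py v0.1.0 |")
    print("| Tony Lee |")
    print("| tony1016@gmail.com |")
    print("+-----------------------------+\n")
    print("Usage: python3 burplogfilter.py [options]\n")
    print("Options:")
    print(" -h Show this showHelp")
    print(" -f filepath The BurpSuite log to analyze")
    print(" --host keyword, --host=keyword Host name filter")
    print(" -v Show debug message")
    print("\nExamples:")
    print(" python3 burplogfilter.py -f /tmp/burp.log --host=google.com")
    print("\n[!] to see help message of options run with '-h'")


if __name__ == '__main__':
    main()

--------------------------------------------------------------------------------
/res/burpsuite.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tony1016/BurpLogFilter/b6bc8e437a22a4f7745df7633659e54b50b98d96/res/burpsuite.png
--------------------------------------------------------------------------------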