-
-
Notifications
You must be signed in to change notification settings - Fork 52
/
Copy pathBappDescription.html
34 lines (34 loc) · 2.06 KB
/
BappDescription.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<p>The <a href="https://github.com/AresS31/swurg">OpenAPI Parser</a> extension streamlines the process of assessing web
services that use OpenAPI-based APIs. The extension offers the following features (not an exhaustive list):</p>
<ul>
<li>OpenAPI specifications can be parsed from a file or URL. The extension can also fetch OpenAPI specifications
directly from a URL using the <em>Send to OpenAPI Parser</em> option in the <em>Target -> Site map</em> context
menu.</li>
<li>Parse <em>OpenAPI Specification</em>, formerly known as the <em>Swagger Specification</em>, fully compliant with
<a href="https://swagger.io/specification/">OpenAPI 2.0/3.0/3.1 Specifications (OAS)</a>.
</li>
<li>Requests can be directly viewed <b>and</b> edited within the extension before sending them to other Burp tools.
</li>
<li>Requests can be sent to the following Burp tools:
<ul>
<li>Comparer</li>
<li>Intruder</li>
<li>Organizer</li>
<li>Repeater</li>
<li>Scanner</li>
<li>Scope</li>
<li>Site map</li>
</ul>
</li>
<li>Requests matching specific criteria (set in the <em>Parameters</em> tab) can be intercepted to automatically
replace the parsed parameter values with user-defined values. This feature allows for fine-tuning of the requests
before sending them to other Burp's tools (e.g., scanner). Edited requests can be viewed within the <em>Modified
Request (OpenAPI Parser)</em> tab of Burp's message editor.</li>
<li>Row highlighting allows pentesters to highlight interesting API calls and/or color-code them for
screenshotting/reporting purposes.</li>
<li>Includes an export to CSV feature, allowing users to easily export selected API requests in CSV format for further
analysis or reporting.</li>
<li>Supports both <code>JSON</code> and <code>YAML</code> formats.</li>
</ul>
<p>If you encounter any issues, please raise an issue on the <a href="https://github.com/AresS31/swurg">GitHub project
page</a> or contact me personally via <a href="https://www.linkedin.com/in/alexandre-teyar/">LinkedIn</a>.</p>