Burpsuite Log Analysis filtering tool to speed up sqlmap batch scanning

Burplogfilter

A small program written by Python3 to filter the Burpsuite log

A Python3 program to filter burpsuite log file.

Why?

Why do you write this program? Powerful Sqlmap support the use of Burpsuite logs for batch analysis, but the Burpsuite log records all traffic to the agent, including static resources Ah, duplicate submissions Ah, which will affect the efficiency of sqlmap analysis. So I intend to write a small program, can do:

• Can filter requests by domain name
• Static resource requests can be automatically filtered
• You can automatically filter URLs by pattern, that is, requests for the same URL and parameters, leaving only one (parameter value has no effect on sqlmap)

Why am I wrote this program? The powerful Sqlmap accepts a burpsuite log file to make batch anaylze,but the log of Burpsuite record Everything,includes Static resources,duplicated Submits,which would reduce the efficiency of the analyze. So I wrote the utility to make:

• Can filter with a hostname
• Can filter static resources automatic
• Can filter duplicated submits according to the URL and params (the value of the params are useless for sqlmap analyze)

USAGE1. Tick burpsuite output log (check the logging option)

2. Use burplogfilter.py filter log (using burplogfilter.py to filter log file)

Usage:python3 burplogfilter.py [options]options:-  H                                  Show this showHelp-  f filepath the                         burpsuite log To analyze  --host keyword,--host=keyword      host name filter-  v                                  Show debug messageexamples:  python3 Burplogfilter.py-f/tmp/burp.log--host='google.com'> burp-proxy.log

3. Use Sqlmap Batch analysis log (using SQLMAP to batch analyze log)

Sqlmap-l Burp-proxy.log--batch-smart

4. View the analysis results (check result)

ls/usr/local/cellar/sqlmap/0.9_1/libexec/output/

Burplogfilter This is a Python3 written to filter the Burpsuite log of the applet. Why? Why do you write this program? Powerful Sqlmap support the use of Burpsuite logs for batch analysis, but the Burpsuite log records all traffic to the agent, including static resources Ah, duplicate submissions Ah, which will affect the efficiency of sqlmap analysis. So I intend to write a small program can be done: can be filtered according to the domain name of the request can automatically filter the static resource request can automatically filter the URL according to the pattern, that is, the same URL and parameters of the request, will only leave one (parameter value for SQLMAP does not have any effect) use Method 1, tick burpsuite output log (Check the logging option) Burpsuite 2, use the burplogfilter.py filter log (using burplogfilter.py to filter log file) Usage:python3 burp logfilter.py [Options] Options:-H Show This showhelp-f filepath the Burpsuite log to analyze--host keyword,--host=keyw Ord Host name filter-v Show Debug Message examples:python3 burplogfilter.py-f/tmp/burp.log--host= ' google.com ' > Bu Rp-proxy.log 3, use Sqlmap batch analysis log (using SQLMAP to batch analyze log) sqlmap-l Burp-proxy.log--batch-smart 4, view analysis results (check ResU LT) ls/usr/local/cellar/sqlmap/0.9_1/libexec/output/code Download Https://github.com/tony1016/BurpLogFilter- Reprint please keep the original link: http://www.hi-ourlife.com/index.php/post/147.html

Burpsuite Log Analysis filtering tool to speed up sqlmap batch scanning