Thursday, July 23, 2015

Security vulnerability scanning with Burp Suite Professional

If you are using Burp Suite Professional to do your Security Vulnerability scans, you may notice that setting up your environment to simply run on a Windows OS is a rather tedious operation:

Well, I LOVE automation, so I decided to create PowerShell scripts to configure the most common operations needed to set up and use Burp Suite:

$regKey="HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"


$proxyServer = ""

$proxyAddress = "";

$proxyPort = "8080";


$proxyServerToDefine = "$proxyAddress" + ":" + "$proxyPort";


Write-Host "Retrieve the proxy server ..."

Write-Host $proxyServerToDefine


$proxyServer = Get-ItemProperty -Path $regKey -Name ProxyServer -ErrorAction SilentlyContinue


Write-Host $proxyServer





    Write-Host "Proxy is actually disabled"


    Set-ItemProperty -Path $regKey -Name ProxyEnable -Value 1


    Set-ItemProperty -Path $regKey -Name ProxyServer -Value $proxyServerToDefine


    Write-Host "Proxy is now enabled"





    Write-Host "Proxy is actually enabled"


    Set-ItemProperty -Path $regKey -Name ProxyEnable -Value 0


    Remove-ItemProperty -Path $regKey -Name ProxyServer


    Write-Host "Proxy is now disabled"


$javaPath = "C:\Program Files\Java\jre1.8.0_51\bin\java.exe";

$burpPathPro = "C:\Burp\burpsuite_pro_v1.6.09.jar";


#java -jar -Xmx1024m /path/to/burp.jar




$BurpCmd = @"

"$javaPath" -jar $burpPathPro";
Write-Host $BurpCmd

#Launch Burp Suite

& "$javaPath" -jar $burpPathPro

No comments:

Post a Comment