burp.js by turingsecure.
burp.js is a client side parser for Burp XML output files.
Installation
Install the @turingsecure/burp.js package:
# use yarn or npm
yarn add @turingsecure/burp.jsImport the library to use it in your code:
import { BurpParser } from "@turingsecure/burp.js";Usage
To parse an XML file, you just have to execute the imported function.
const xml = "burpscan xml";
const parsed = BurpParser(xml);Note: If the requests and responses are base64 encoded, they will be automatically decoded
API
The BurpParser function returns an array of issues.
If you do not want decoded requests and responses, you can pass a flag:
const xml = "burpscan xml";
const parsed = BurpParser(xml, false);An issue object has the following properties:
| Property | Type |
|---|---|
| serialNumber | string |
| type | string |
| host | string |
| path | string |
| location | string |
| severity | string |
| confidence | string |
| issueBackground | string |
| remediationBackground | string |
| vulnerabilityClassifications | string |
| issueDetail | string |
| references | string |
| requestresponse | RequestResponse[ ] |
requestresponse is an array of RequestResponse objects with the following properties:
| Property | Type |
|---|---|
| request | string |
| response | string |
| responseRedirected | string |
Contributing
Contributions, issues and feature requests are welcome. Feel free to check out the issues page if you want to contribute.
License
Copyright © 2021 turingsecure. This project is MIT licensed.