Home ›

google web toolkit

Burp plugin for scanning GWT and JSON HTTP requests

Submitted by alla on 1 June, 2012 - 13:36
in
  • burp
  • google web toolkit
  • gwt
  • json
  • penetration testing

Update: Burp Suite Pro 1.4.10 supports JSON scanning out of the box, see http://releases.portswigger.net/2012/06/v1410.html

A while ago Alex came up with a solution to get Burp to scan JSON formatted requests. It required a rather involved setup with two Burp listeners and an Apache server acting as a proxy packing and unpacking JSON data for Burp's consumption.

  • alla's blog
  • 5 comments
  • Read more
  • 2 attachments
Syndicate content

Gremwell Logo

  • About Gremwell
  • Blog
  • Forum
  • What is MagicTree
  • Using MagicTree
  • Download MagicTree
  • Documentation
  • Search
  • Contact us

Follow Gremwell on Twitter

Recent blog posts

Read all RSS Syndicate content
  • Burp is Going to Support PKCS#11
  • MagicTree 1.3 - important bug fixes and support for IBM Rational AppScan
  • We are hiring again!
  • Testing Riddler CAPTCHA
  • MagicTree 1.2 Is Out
  • Nice arduino-based circuit
  • Finally, a standard Linux 3.2 bridge can forward 802.1x messages!
  • Burp plugin for scanning GWT and JSON HTTP requests
  • Release of sslcaudit 1.0
  • Does your test system support SSLv2?
  • Release of sslcaudit v1.0 RC1
  • Yet Another Portscanner (in Python)
  • We Are Hiring
  • MagicTree 1.1 Released
  • Installing Arachni from Source on Ubuntu 11.04 (Natty)
  • NeXpose XML - A Rant
  • MagicTree Forum
  • A tool to search for serialized Java objects in a binary stream
  • "Proper" pfSense backup script
  • Ubuntu 11 on Kingston SV100S2/256G SSD
Read all