tomkallo / pycript Goto Github PK

This project forked from anof-cyber/pycript

Burp Suite extension that allows for bypassing client-side encryption using custom logic for manual and automation testing with Python and NodeJS. It enables efficient testing of encryption methods and identification of vulnerabilities in the encryption process.

Home Page: https://pycript.souravkalal.tech/

License: MIT License

Python 100.00%

pycript's Introduction

PyCript

Pycript is a Burp Suite extension that enables users to encrypt and decrypt requests for manual and automated application penetration testing. It also allows users to create custom encryption and decryption logic using JavaScript and Node.js, allowing for a tailored encryption/decryption process for specific needs.

Support

Documentation

Requirements

Node JS
Burp Suite with Jython

Features

Encrypt & Decrypt the Selected Strings from Request Response
View and Modify the encrypted request in plain text
Decrypt Multiple Requests
Perform Burp Scanner, Sql Map, Intruder Bruteforce or any Automation in Plain Text
Auto Encrpyt the request on the fly
Complete freedom for encryption and decryption logic
Ability to handle encryption and decryption even with Key and IV in Request Header or Body

Demo Code

Repository for More Encryption Decryption examples Code Repository

Encryption Code

var CryptoJS = require("crypto-js");
const program = require("commander");
const { Buffer } = require('buffer');
program
  .option("-d, --data <data>", "Data to process")
  .parse(process.argv);
  
const options = program.opts();
const plaintext = Buffer.from(options.data, 'base64').toString('utf8');

var key = "1234"
var iv = "1234"
var encryptedbytes  = CryptoJS.AES.encrypt(plaintext, CryptoJS.enc.Utf8.parse(key),
{	
	keySize: 128 / 8,
	iv:  CryptoJS.enc.Utf8.parse(iv),
    mode: CryptoJS.mode.CBC
});
var Encryptedtext = encryptedbytes.toString();

console.log(Encryptedtext)

Decryption Code

var CryptoJS = require("crypto-js");
const program = require("commander");
const { Buffer } = require('buffer');
program
  .option("-d, --data <data>", "Data to process")
  .parse(process.argv); 
const options = program.opts();
var ciphertext = Buffer.from(options.data, 'base64').toString('utf8');


var key = "1234"
var iv = "1234"
var decryptedbytes  = CryptoJS.AES.decrypt(ciphertext, CryptoJS.enc.Utf8.parse(key),
{	
	keySize: 128 / 8,
	iv:  CryptoJS.enc.Utf8.parse(iv),
    mode: CryptoJS.mode.CBC
});
var plaintext = decryptedbytes.toString(CryptoJS.enc.Utf8);

console.log(plaintext)

Roadmap

Response Encryption & Decryption
Support for GET Paramters
Allowing Edit Headers for Request Type Custom Request
Supporting multiple languages for encryption and decryption

Screenshots

Recommend Projects

tomkallo / pycript Goto Github PK

pycript's Introduction

PyCript

Support

Documentation

Requirements

Features

Demo Code

Encryption Code

Decryption Code

Roadmap

Screenshots

pycript's People

Contributors

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent