You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Writing good reports is key in penetration tests / security assessments, since
this is the final result delivered to the customer. Vulnerabilities should be
described in a way so that the customer can understand and also reproduce the
issue. For web application pentests, the best way is often to show the HTTP
requests and responses to explain an issue. This Burp Suite extension "Copy
Request & Response" can assist you while the report.
When copying request/response from Burp, the workflow is often like this:
Select the request
Copy to clipboard
Switch to your reporting tool (Word, Markdown, Web App, LaTeX Editor, $YOUNAMEIT)
Paste the request
Switch back to Burp
Select the response (or only part of it if body is too big and you ony want to show the issue)
Copy to clipboard
Switch back to the report
Paste again
Add context to explain the request / response
The Copy Request & Response Burp Suite extension adds new context menu
entries that can be used to simply copy the request and response from the
selected message to the clipboard.
The workflow can then look like this:
Select what you want to copy from the context menu
Switch to the reporting tool
Paste
Add context to explain the request / response
Much easier, right? 😉
From a technical view, this is probably the most boring Burp Suite extension.
However, it allows you to spend more time on testing than documenting.
Features
The extension offers the following copy methods in the context menu of selected
messages and request / responses:
Copy entire request & response of selected message
Copy entire request & response header
Copy entire request & response header + selected response data
Screenshot:
Demo
The following demo shows the 3 different copy methods:
Build
To build the extension run
./gradlew jar
Configuration
It is possible to configure the "cut text". By default it is set to "[...]". To change this, add a similar entry to
your user.vmoptions where BurpSuite is installed
-DcopyRequestResponse.cutText.text=[CUT BY COMPASS]
If you want to use non-breaking spaces (\u00a0), the following property will replace all spaces to non-breaking spaces:
