forked from doyensec/PESD-Exporter-Extension
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathBappDescription.html
58 lines (48 loc) · 4.07 KB
/
BappDescription.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
<p>PESD Exporter is a Burp Suite extension to visualize web traffic in a way that facilitates the analysis and reporting in scenarios with complex functional flows. It converts Burp Suite's proxy traffic into interactive sequence diagrams defined as Proxy Enriched Sequence Diagrams (PESD).
While classic sequence diagrams for software engineering are meant for an abstract visualization and all the information is carried by the diagram itself, PESD is designed to include granular information related to the underlying HTTP traffic being represented in the form of explorable metadata.</p>
<p>Additionally, it executes of structured templates on the generated format to enrich its contents. The Extension currently supports standard OAuth2/OpenID/SAML matching. A frame and custom flags are added to the diagram to surround the standard flows and enrich its contents.
We strongly recommend reading the introduction article containing a detailed description and usage examples directly from our testing activities - <a href="https://blog.doyensec.com/2023/02/14/pesd-extension-public-release.html">https://blog.doyensec.com/2023/02/14/pesd-extension-public-release.html</a></p>
<h2>Usage</h2>
<p>Select and send specific traffic entries from Burp Suite Tabs to the Exporter tab.</p>
<p>Specify a mode of operation for the export:</p>
<ul>
<li><b>Domains as Actors</b> - Each domain involved in the traffic is represented as an actor in the diagram. Suitable for multi-domain flows analysis</li>
<li><b>Endpoints as Actors</b> - Each endpoint (path) involved in the traffic is represented as an actor in the diagram. Suitable for single-domain flows analysis</li>
</ul>
<p>Auto-Export is enabled by default, sending items to the extension will directly result in a export. User is redirected to the Browser view and the items are cleaned after the export within the extension.</p>
<h2>Export capabilities</h2>
<ul>
<li>Expandable Metadata. Underlined flags can be clicked to show the underlying metadata from the traffic in a scrollable popover</li>
<li>Masked Randoms in URL Paths. UUIDs and pseudorandom strings recognized inside path segments are mapped to variable names <code><UUID_N></code> / <code><VAR_N></code>. The re-renderization will reshape the diagram to improve flow readability. Every occurrency with the same value maintains the same name</li>
<li>Notes. Comments from Burp Suite are converted to notes in the resulting diagram. Use <code><br></code> in Burp Suite comments to obtain multi-line notes in PESD exports</li>
<li>Theme. Use MermaidJS theme veriables to build your own sequence diagram style set in the extension</li>
<li>Embedded MD editor. Edit the generated diagram directly in the export to add details (e.g. internal calls to microservices, notes, everything allowed by mermaid JS)</li>
<li>Highlight colors from Burpsuite are ported to the sequence diagram arrow colors</li>
<li>Invert Proxy History order. If you have the last request on top, activate it</li>
<li>Save as : SVG, Markdown, JSON metadata, explorable HTML</li>
</ul>
<h2>Extending the diagram, syntax and metadata with Templates</h2>
<p>The Extension currently supports the following templates :</p>
<ul>
<li>OAuth2 / OpenID Connect. The template matches standard OAuth2/OpenID Connect flows and adds related flags + flow frame.<br>
Oauth2 supported flows :
<ul>
<li>Implicit Grant</li>
<li>Code Grant</li>
</ul>
OpenID supported flows :
<ul>
<li>Code Grant</li>
<li>Implicit Grant</li>
<li>Hybrid flow</li>
</ul>
Respectively based on rfc6749 and openid-connect-core-1_0</li>
<li>SAML SSO. The template matches Single-Sign-On flows with SAML V2.0 and adds related flags + flow frame.<br>
Based on SAML V2.0 , supported flows:
<ul>
<li>SP-initiated SSO using a Redirect Binding for the SP-to-IdP message and a POST Binding for the IdP-to-SP message</li>
<li>SP-initiated SSO using a POST Binding for the message and an Artifact Binding for the message</li>
<li>IDP-initiated SSO using a POST Binding for the IdP-to-SP message; no SP-to-IdP message is involved</li>
</ul>
</li>
</ul>