burp.js by turingsecure.
burp.js is a client side parser for Burp XML output files.
Install the @turingsecure/burp.js package:
# use yarn or npm
yarn add @turingsecure/burp.jsImport the library to use it in your code:
import { BurpParser } from "@turingsecure/burp.js";To parse an XML file, you just have to execute the imported function.
const xml = "burpscan xml";
const parsed = BurpParser(xml);Note: If the requests and responses are base64 encoded, they will be automatically decoded
The BurpParser function returns an array of issues.
If you do not want decoded requests and responses, you can pass a flag:
const xml = "burpscan xml";
const parsed = BurpParser(xml, false);An issue object has the following properties:
| Property | Type |
|---|---|
| serialNumber | string |
| type | string |
| host | string |
| path | string |
| location | string |
| severity | string |
| confidence | string |
| issueBackground | string |
| remediationBackground | string |
| vulnerabilityClassifications | string |
| issueDetail | string |
| references | string |
| requestresponse | RequestResponse[ ] |
requestresponse is an array of RequestResponse objects with the following properties:
| Property | Type |
|---|---|
| request | string |
| response | string |
| responseRedirected | string |
Contributions, issues and feature requests are welcome. Feel free to check out the issues page if you want to contribute.
Copyright © 2021 turingsecure. This project is MIT licensed.