First Burp Extension


Yesterday I started converting the few Hiccup scripts I created in the past (as in: tinkering with a mashup of existing scripts until it worked) to the new Burp Extender format.
After some initial startup problems (with which http://www.burpextensions.com really helped out), I am proud to present my first simple extension :)

It doesn't do much more than highlighting requests with Content-Type text/xml and text/xhtml in the proxy tab. The reason I want that is that responses with these content types are possibly vulnerable to HTML-encoded XSS attacks and are often missed by scanners (thanks to Mario Heiderich for pointing that out to me in the past!). It is therefore useful to test them manually.

See http://www.thespanner.co.uk/2011/09/12/protecting-against-xss/ for some background info and PoC.
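For readers who want to see what such a highlighter looks like in code, here is an added example written against the legacy `burp.*` Extender interfaces (`IBurpExtender`, `IHttpListener`, `IHttpRequestResponse`). It is not the extension linked below and not the author's code; the choice to act only on proxy traffic, the highlight colour, the comment text, and the `contentTypeOf` / `isInterestingType` helper names are all assumptions made here. It reads the response's Content-Type header, strips any `; charset=...` parameter, and highlights the proxy history entry when the type is text/xml or text/xhtml so it stands out for manual XSS testing.

```java
package burp;

import java.util.List;
import java.util.Locale;

// Added example: highlights proxy history entries whose response is
// text/xml or text/xhtml (assumed class layout, not the linked extension).
public class BurpExtender implements IBurpExtender, IHttpListener {

    private IBurpExtenderCallbacks callbacks;
    private IExtensionHelpers helpers;

    @Override
    public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
        this.callbacks = callbacks;
        this.helpers = callbacks.getHelpers();
        callbacks.setExtensionName("XML/XHTML highlighter (example)");
        // Receive every request/response Burp sees; we filter on tool flag below.
        callbacks.registerHttpListener(this);
    }

    @Override
    public void processHttpMessage(int toolFlag, boolean messageIsRequest,
                                   IHttpRequestResponse messageInfo) {
        // Assumption: only responses that passed through the Proxy tool are of interest.
        if (messageIsRequest || toolFlag != IBurpExtenderCallbacks.TOOL_PROXY) {
            return;
        }
        byte[] response = messageInfo.getResponse();
        if (response == null) {
            return;
        }
        IResponseInfo info = helpers.analyzeResponse(response);
        String contentType = contentTypeOf(info.getHeaders());
        if (isInterestingType(contentType)) {
            // "yellow" is one of Burp's supported highlight colours (assumed choice).
            messageInfo.setHighlight("yellow");
            messageInfo.setComment("Content-Type " + contentType
                    + ": check manually for HTML-encoded XSS");
        }
    }

    // Returns the media type from the Content-Type header, lower-cased and
    // without parameters such as "; charset=utf-8"; empty string if absent.
    static String contentTypeOf(List<String> headers) {
        for (String header : headers) {
            int colon = header.indexOf(':');
            if (colon < 0) {
                continue;
            }
            String name = header.substring(0, colon).trim();
            if (!name.equalsIgnoreCase("Content-Type")) {
                continue;
            }
            String value = header.substring(colon + 1).trim();
            int semicolon = value.indexOf(';');
            if (semicolon >= 0) {
                value = value.substring(0, semicolon).trim();
            }
            return value.toLowerCase(Locale.ROOT);
        }
        return "";
    }

    // The two content types the post singles out; extend this list if needed.
    static boolean isInterestingType(String mediaType) {
        return mediaType.equals("text/xml") || mediaType.equals("text/xhtml");
    }
}
```

Build it against the `burp` interface sources that Burp Suite exports (Extender tab, "Save interface files"), package it as a JAR and load it from the Extender tab; matching entries then show up highlighted in the Proxy history with the comment above.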

Link to the Burp Extension