Public
BurpMCP
2025-04-06
MCP Server for Burpsuite
3 years
Works with Finder
1
Github Watches
0
Github Forks
0
Github Stars
Burp Suite MCP Server
项目简介
BurpsuiteMCP 是一个模型上下文协议服务器,允许LLMs从Burp Suite代理历史记录中检索数据, 从而帮助研究人员和渗透测试人员更有效地进行安全测试和分析。
该项目灵感来自于GhidraMCP
主要功能
- 基于SQL的数据查询:使用类似SQL的语法从Burp Suite代理历史记录中检索数据
目前支持从Burp Suite代理历史记录中检索数据包括:
- 原始请求
- 请求类型(POST, GET, etc.)
- 请求URL
- Host
- 请求体
- 原始响应
- 响应类型
- 响应状态码
- 响应体
相比于官方的MCP:
优点:
- 可以指定
HTTP History的返回字段, 避免同意返回带来上下文过长的问题。
缺点:
- 其他功能没官方多
- 也没有UI
演示
https://github.com/user-attachments/assets/466e0c4a-137d-4589-a8e7-7ffbb37fb863
安装说明
前提条件
- Java 17 或更高版本
- Python 3.11或更高版本
安装步骤
-
安装Burp Suite扩展:
- 下载最新的
MCPBurpExtension.jar文件 - 在Burp Suite中,打开"扩展"选项卡
- 点击"添加"按钮,选择"Java扩展"
- 选择下载的JAR文件
- 扩展将在端口8889上启动HTTP服务器
- 下载最新的
-
安装Python依赖:
uv sync
使用指南
基本用法
use MCP Client
{
"mcpServers": {
"burpsuite": {
"command": "python",
"args": [
"/ABSOLUTE_PATH_TO/burpsuite_mcp.py"
]
}
}
}
相关推荐
I find academic articles and books for research and literature reviews.
Confidential guide on numerology and astrology, based of GG33 Public information
Embark on a thrilling diplomatic quest across a galaxy on the brink of war. Navigate complex politics and alien cultures to forge peace and avert catastrophe in this immersive interstellar adventure.
Converts Figma frames into front-end code for various mobile frameworks.
Advanced software engineer GPT that excels through nailing the basics.
💬 MaxKB is a ready-to-use AI chatbot that integrates Retrieval-Augmented Generation (RAG) pipelines, supports robust workflows, and provides advanced MCP tool-use capabilities.
Micropython I2C-based manipulation of the MCP series GPIO expander, derived from Adafruit_MCP230xx
MCP server to provide Figma layout information to AI coding agents like Cursor
Python code to use the MCP3008 analog to digital converter with a Raspberry Pi or BeagleBone black.
Reviews
3
(1)
user_Ei3RlyQy
2025-04-17
As a dedicated user of BurpMCP, I can confidently say that this tool is a game-changer for penetration testers. The seamless integration with Burp Suite and the efficient functionality make it an invaluable asset. Kudos to N0el4kLs for developing such a robust and user-friendly application. Highly recommended for anyone in the cybersecurity field!