silentsignal / burp-piper

Piper Burp Suite Extender plugin
https://blog.silentsignal.eu/2020/03/27/unix-style-approach-to-web-application-testing/
GNU General Public License v3.0

Question about documentation #25

Closed MohamedBarrous closed 2 years ago

MohamedBarrous commented 3 years ago

Hi, this is just a small issue about missing documentation. Your extension is amazing and I want to use all of its benefits. But I can't understand some categories without a detailed documentation like the "Queue" tab or "Http Listeners". Can you please give me a link to the documentation?

Thanks in advance.

dnet commented 3 years ago

Hi, you're right, there's no documentation yet, my SANS white paper and 45-minute talk can be used to get some insights, both are linked from this blog post: https://blog.silentsignal.eu/2020/03/27/unix-style-approach-to-web-application-testing/

Queue is for when you would like to execute a "Context menu item" action on more than one request/response. Normally you could do this by selecting multiple request/responses in the Proxy Burp tab. But this is not possible for the Repeater or Intruder results. In such cases, you can select "Add to queue" in the Piper popup menu and collect all the request/response items there one by one. Finally, selecting the Queue tab allows you to select any combination of these items and execute the desired "Context menu item" actions.

HTTP listeners are actions that get called before a request is sent or after a response is received. This can be used to either process these as a side effect (not affecting the original request or response itself) or to transform the request or response before it is sent or processed by Burp, respectively. One typical example is handling end-to-end encryption (E2EE) for complex API testing, see section 2.4 in my SANS whitepaper, especially the diagram on page 14.
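To make the "transform before it is sent or processed by Burp" case concrete, here is an added example of a stdin-to-stdout filter of the kind an HTTP listener could invoke; it is not code from the Piper project or from the commenter. It assumes Piper hands the raw HTTP message to the command on standard input and takes the replacement from standard output (check the Piper configuration for the exact invocation), and it stands in for an E2EE layer with a constructed base64 wrapping so it runs offline.

```python
"""Filter that unwraps a base64-wrapped HTTP body and fixes Content-Length.

Assumption: the listener command receives the whole request or response on
stdin and must write the transformed message to stdout. The base64 "wrapping"
is a constructed stand-in for real end-to-end encryption.
"""
import base64
import sys

# Constructed sample: a request whose body is base64('{"user":"a"}').
SAMPLE = (b"POST /api HTTP/1.1\r\nHost: example.test\r\n"
          b"Content-Length: 16\r\n\r\neyJ1c2VyIjoiYSJ9")


def split_message(raw: bytes):
    """Separate an HTTP/1.x message into its header block and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no header/body separator found")
    return head, body


def set_header(head: bytes, name: bytes, value: bytes) -> bytes:
    """Drop any existing copies of `name` and append a fresh header line."""
    lines = head.split(b"\r\n")
    kept = [l for l in lines if not l.lower().startswith(name.lower() + b":")]
    kept.append(name + b": " + value)
    return b"\r\n".join(kept)


def unwrap_body(raw: bytes) -> bytes:
    """Decode the wrapped body; a malformed body raises ValueError so the
    listener fails loudly instead of forwarding garbage."""
    head, body = split_message(raw)
    plain = base64.b64decode(body, validate=True)
    # Content-Length must match the new body or Burp/the server mis-parses it.
    head = set_header(head, b"Content-Length", str(len(plain)).encode())
    return head + b"\r\n\r\n" + plain


if __name__ == "__main__":
    # Read the message from stdin when piped; fall back to SAMPLE interactively.
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.buffer.read()
    sys.stdout.buffer.write(unwrap_body(data))
```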

MohamedBarrous commented 3 years ago

Yes sir I read the whitepaper, watched the short video on vimeo and the long talk on Youtube. They gave good ideas about the tool. And your explanation was clear. Thank you!