Nuclei-Burp-Plugin : Nuclei Plugin For BurpSuite

Nuclei-Burp-Plugin is a BurpSuite plugin intended to help with nuclei template generation.

Features

Template matcher generation

• Word and Binary matcher creation using selected response snippets from Proxy history or Repeater contexts
• Multi-line selections are split to separate words for readability
• Binary matchers are created for selections containing non-ASCII characters
• The part field is auto-set based on whether the selection was in the request header or body
• Every generated template auto-includes a Status matcher, using the HTTP status code of the response

Request template generation

• In the Intruder tab, selected payload positions can be used to generate request templates, using one of the following attack types: Battering ram, Pitchfork or Cluster bomb
• The selected text snippet from an HTTP request under the Proxy or Repeater tab can be used to generate a request template with the attack type defaulting to Battering ram

Template execution

• Generated templates can be executed instantly, and the output is shown in the same window for convenience
• The plugin auto-generates the CLI command, using the absolute nuclei path, absolute template path and target information extracted from the desired request
• History of unique, executed commands are stored, can be quick searched and re-executed within the current session

Experimental features

• (Non-contextual) YAML property and value auto-complete, using reserved words from the nuclei JSON schema
• Syntax highlighting of YAML properties, based on reserved words

Productivity

• Almost every action can be triggered using keyboard shortcuts:
  • F1: open nuclei template documentation
  • Ctrl + Enter: execute current template
  • Ctrl + Shift + E: jump to the template editor
  • Ctrl + L: jump to the CLI input field
  • Ctrl + R: show CLI argument helper
  • Ctrl + S: save the current template
  • Ctrl + Plus/Minus: increase/decrease font size
  • Ctrl + Q: quit
• Tab support:
  • Ctrl + Tab or Ctrl + PageDown: open next tab
  • Ctrl + Shift + Tab or Ctrl + PageUp: open previous tab
  • Ctrl + [1-9]: move to n-th tab
  • Mouse Scroll Up/Down over the tabs: navigate to next or previous tab
  • Ctrl + W or Middle Mouse Button Click: close current tab
• The template path is auto-updated if the template is saved to a new location
• The template-id is recommended as file name when saving

Settings

• The plugin attempts to auto-detect and complete the configuration values
• The code searches for the nuclei binary path, using the values from the process’s environmental PATH variable.
  Note: the BurpSuite binary, opposed to the stand-alone BurpSuite jar, might not have access to the current users’s PATH variable.
• The target template path is calculated based on the default nuclei template directory, configured under <USER_HOME>/.config/nuclei/.templates-config.json
• The name of the currently logged-in operating system user is used as a default value for the template author configuration

Look and feel

• The template generator window supports Dark and Light themes. The presented theme is chosen based on the selected BurpSuite theme, under User Options
• Support for colored nuclei output
• Modifiable font size in the template editor and command output

Building the code

Use mvn clean package -DskipTests to build the project yourself. It requires Maven 3.x and Java 11+.

On MacOS the dependencies for the plugin can be met using Homebrew: brew install mvn openjdk@11

Alternatively, different builds can be downloaded from the Actions section. The built artifact can be found under the latest build’s Artifacts section. These artifacts are generated after every commit, but are only stored for a limited amount of time.

Installation

• Build the code yourself or download a pre-built/release version
• Go to Extender in BurpSuite
• Click the Add button in the Extensions tab
• Leave the Extension Type on Java
• Select the path to the plugin (.jar)