Public
BurpMCP
2025-04-06
MCP Server for Burpsuite
1
Github Watches
0
Github Forks
0
Github Stars
Burp Suite MCP Server
项目简介
BurpsuiteMCP 是一个模型上下文协议服务器,允许LLMs从Burp Suite代理历史记录中检索数据, 从而帮助研究人员和渗透测试人员更有效地进行安全测试和分析。
该项目灵感来自于GhidraMCP
主要功能
- 基于SQL的数据查询:使用类似SQL的语法从Burp Suite代理历史记录中检索数据
目前支持从Burp Suite代理历史记录中检索数据包括:
- 原始请求
- 请求类型(POST, GET, etc.)
- 请求URL
- Host
- 请求体
- 原始响应
- 响应类型
- 响应状态码
- 响应体
相比于官方的MCP:
优点:
- 可以指定
HTTP History的返回字段, 避免同意返回带来上下文过长的问题。
缺点:
- 其他功能没官方多
- 也没有UI
演示
https://github.com/user-attachments/assets/466e0c4a-137d-4589-a8e7-7ffbb37fb863
安装说明
前提条件
- Java 17 或更高版本
- Python 3.11或更高版本
安装步骤
-
安装Burp Suite扩展:
- 下载最新的
MCPBurpExtension.jar文件 - 在Burp Suite中,打开"扩展"选项卡
- 点击"添加"按钮,选择"Java扩展"
- 选择下载的JAR文件
- 扩展将在端口8889上启动HTTP服务器
- 下载最新的
-
安装Python依赖:
uv sync
使用指南
基本用法
use MCP Client
{
"mcpServers": {
"burpsuite": {
"command": "python",
"args": [
"/ABSOLUTE_PATH_TO/burpsuite_mcp.py"
]
}
}
}
相关推荐
I find academic articles and books for research and literature reviews.
Confidential guide on numerology and astrology, based of GG33 Public information
Converts Figma frames into front-end code for various mobile frameworks.
Advanced software engineer GPT that excels through nailing the basics.
Take an adjectivised noun, and create images making it progressively more adjective!
Siri Shortcut Finder – your go-to place for discovering amazing Siri Shortcuts with ease
Discover the most comprehensive and up-to-date collection of MCP servers in the market. This repository serves as a centralized hub, offering an extensive catalog of open-source and proprietary MCP servers, complete with features, documentation links, and contributors.
Micropython I2C-based manipulation of the MCP series GPIO expander, derived from Adafruit_MCP230xx
The all-in-one Desktop & Docker AI application with built-in RAG, AI agents, No-code agent builder, MCP compatibility, and more.
Bridge between Ollama and MCP servers, enabling local LLMs to use Model Context Protocol tools
Reviews
3
(1)
user_Ei3RlyQy
2025-04-17
As a dedicated user of BurpMCP, I can confidently say that this tool is a game-changer for penetration testers. The seamless integration with Burp Suite and the efficient functionality make it an invaluable asset. Kudos to N0el4kLs for developing such a robust and user-friendly application. Highly recommended for anyone in the cybersecurity field!