Skip to content

Latest commit

 

History

History
53 lines (32 loc) · 1.72 KB

README.md

File metadata and controls

53 lines (32 loc) · 1.72 KB

SRePlay (Strict RePlay)

Open Source Love GitHub version Open Source Love

Burpsuite Plugin to bypass RePlay protection

Requirements

  • Burpsuite

How to Install

Download Latest Jar from Release and add in burpsuite extender

What it does

It is design for a scenario where we can't replay requests more than once as the request is getting Token from previous request's response and also when we can't make request with macros to get the token

  • It will extract the value of token from the last response and automatically update the request with the new token on the fly

Usage Guide

The detailed usage guide can be found SRePlay - Bypass Replay Protection.

How it works

  • Provide Host URL
  • Provide Response parameter name
  • Provide Request parameter name
  • Provide Parameter Initial Value
  • Press Start SRePlay

SRePlay in Action

Limitation

  • Will only work with single thread on Scanner and Intruder

Tested on

  • Burpsuite 2021.4
  • Windows 10
  • Ubuntu & PopOS

Improvements

  • Multi-session / threading support