
There's a BApp for that: Highlighter And Extractor

Updated: Aug 4, 2022

The plugin lets you define custom regular expressions that are matched against HTTP messages. For each expression you decide for yourself whether a request or response that matches it should be highlighted, and whether information should be extracted from it.


Note: Using Highlighter And Extractor (HaE) requires a basic regular expression foundation on the tester's part. Because the Java regular expression library is not as elegant or convenient as Python's, HaE requires you to wrap the content you want to extract in a capturing group, (). For example, to match the response of a Shiro application the normal matching rule is rememberMe=delete; if you also want to extract that content, the rule needs to become (rememberMe=delete).
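To make the capturing-group point concrete, here is an added example (not part of the original post, and not HaE's own code) that models how a rule set like HaE's behaves over a constructed HTTP response: a match without () highlights but extracts nothing, while the same match wrapped in () highlights and yields the captured text. The Rule/Result types, the rule regexes for "Internal IP Address" and "JSON Web Token", and the sample response are my assumptions for illustration, not HaE's shipped rules.

```python
import re
from dataclasses import dataclass


# Constructed sample response (not captured from a real host). The Shiro
# signature appears as a substring of the real-world "deleteMe" cookie value.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: rememberMe=deleteMe; Path=/; Max-Age=0\r\n"
    "X-Backend: 10.0.12.7\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
    '{"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.c2lnbmF0dXJl","user":"alice"}'
)


@dataclass
class Rule:
    """Hypothetical model of a HaE rule: a name and a Java-style regex.

    Only text inside the first capturing group () is extracted, which is the
    behaviour the note above describes.
    """
    name: str
    regex: str
    highlight: bool = True
    extract: bool = True


@dataclass
class Result:
    highlighted: bool        # would the message be highlighted in Logger?
    extracted: list          # values that would show up under MarkInfo


def apply_rule(rule: Rule, message: str) -> Result:
    """Apply one rule to a raw HTTP message."""
    pattern = re.compile(rule.regex)
    matches = list(pattern.finditer(message))
    if not matches:
        return Result(highlighted=False, extracted=[])

    extracted = []
    # Like Java's Matcher.group(1): nothing is extracted unless the rule
    # author wrapped the interesting part in ().
    if rule.extract and pattern.groups >= 1:
        extracted = [m.group(1) for m in matches]
    return Result(highlighted=rule.highlight, extracted=extracted)


# Constructed rules. The Shiro pair shows the effect of the capturing group;
# the other two are simplified stand-ins for the rule names seen later in
# this post, not HaE's real patterns.
RULES = [
    Rule("Shiro (no group)", r"rememberMe=delete"),
    Rule("Shiro (with group)", r"(rememberMe=delete)"),
    Rule(
        "Internal IP Address",
        r"\b(10\.\d{1,3}\.\d{1,3}\.\d{1,3}"
        r"|192\.168\.\d{1,3}\.\d{1,3}"
        r"|172\.(?:1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3})\b",
    ),
    Rule("JSON Web Token", r"(eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+)"),
]


def run_rules(message: str, rules=RULES) -> dict:
    """Return {rule name: Result} for every rule applied to the message."""
    return {rule.name: apply_rule(rule, message) for rule in rules}


if __name__ == "__main__":
    for name, result in run_rules(SAMPLE_RESPONSE).items():
        print(f"{name:22s} highlighted={result.highlighted} extracted={result.extracted}")
```

Running it shows both Shiro rules highlighting the response, but only the one written as (rememberMe=delete) produces an extracted value; the IP and JWT rules extract exactly the captured text, which is what you would expect to see under MarkInfo.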



Zachary Stashis


Contents:



(1) Installation

Extender > BApp Store > Highlighter And Extractor > Select "Install"


(2) Setup

Navigate to the "HaE" Tab > Config and select “Online Update”

Some default rulesets should now be installed:


Fingerprint:

Basic Information:

Maybe Vulnerability:

Sensitive Information:

Other:


(3) Usage

Crawl the Web application in scope.


Review the “Logger” tab in Burp Suite for results (everything highlighted is from HaE):

Select one of the highlighted results (a new “MarkInfo” option appears in the request or response pane, depending on where the match was found):

Select “MarkInfo” to review what was found by HaE:

Request > MarkInfo > JSON Web Token:

Response > MarkInfo > Linkfinder:

Response > MarkInfo > Username Field:

Response > MarkInfo > Internal IP Address:


(4) Databoard (a place to view all the results for a specific scope)

HaE Tab > Databoard


Set the Host (in this example, juice-shop.herokuapp.com):


View each tab to see the corresponding results:

Example: Username Field


(5) Create New Rule:

HaE Tab > Rules > (decide which ruleset the rule belongs in; for this example I will use “Sensitive Information”) > Select Add

Fill out the appropriate information and select “Yes”:

Enable the new Rule:

All set:

