1. filter:
    1. 根据MIME Type、状态码、后缀、注释、正则、端口来过滤要显示的内容。
    2. @target-sitemap-filter @proxy-httphistory-filter
  2. search:
    1. @target-sitemap-engagement tool @target-sitemap-filter @proxy-httphistory-filter @burp-search @message editor
    2. regex。
      1. ^(?<=http)(?:www)\w\W\s\S+\.\*\?\t\n\r(?<name>cool)[0-9a-zA-Z](?#foobar)[^\d]\b\.*?(hunter|honor){6,8}(?!2333)$
      2. 元字符、转义、重复、字符类、分支、分组、反义、零宽断言、后向引用、贪婪匹配等
      3. 学习与测试正则表达式:https://regexr.com/
  3. scope:
    1. eg1, include hihonor
    2. eg2, include .* ,exclude .*google.*
    3. remove from scope @proxy-httphistory @target-sitemap
    4. toggle scope wherever search/filter is available
    5. only record inscope items @proxy-option-misc
  4. hotkey: ctrl+(-|=|a|b|c|d|i|r|s|u|v|x|y|z) ctrl+shift+(b|d|h|i|p|r|t|u|v) @user option-misc-hotkeys
  5. multi proxy listener & filter/search by port @proxy-option
  6. download ca from http://burp
  7. highlight/comment history item
  8. reponse modification. eg:unhide hidden filed @proxy-option
  9. match and replace. eg: replace cookie @proxy-option
  10. misc: unpack gzip in requests, useful in traffic from mobile device @proxy-option-misc
  11. uncheck payload encoding @intruder-payloads
  12. grep to match/extract @intruder-option
  13. copy url/ paste url as request @repeater
  14. url encode as typing @repeater
  15. show response in browser @repeater
  16. tab rename @repeater
  17. gen csrf poc @repeater-engagement tools
  18. decoder:url/html/base64/hex/octol/binary/gzip
  19. comparer:text/hex ; syncviews
  20. upstream proxy server:与burp/awvs/lspider/crawlergo等联动 @user options-connections
  21. update burp / install bapp via proxy @useroptions-connections-socksproxy
  22. 乱码/指针错位:中文字体、等宽字体、默认字符集@user option -display
  23. extender:
    1. https://github.com/bit4woo/knife 添加了很多便于使用的小功能
    2. JSON Web Tokens 识别存在JWT的请求;解码;验证JWT有效期
    3. Logger++ / flow 记录所有tool的流量;正则支持更强;缺点是重启会清空记录
    4. decompressor 修改GZIP压缩的请求并重新封装
    5. bookmarks 收藏某些请求
    6. js-link-finder 分析JS发现更多endpoint
    7. log-requests-to-sqlite 把请求存储到sqlite
    8. RetireJS 识别存在漏洞的js库
    9. HTTP Request Smuggler 请求夹带类漏洞探测和利用
    10. https://github.com/snoopysecurity/awesome-burp-extensions
  24. ext dev: press ctrl while toggle to reload ext fastly
  25. @burp collaborator http & dns listening server
  26. with ffuf
    1. ffuf -c -w seclistpath.txt:path -w alive.txt:url -u "url/path" -mc 200 -replay-proxy http://127.0.0.1:8080
    2. rg -Io "https?://[\w.-]*honor[\w/:.-]*/[\w/:.-]+\.js" sdb |sort -u|ffuf -r -c -u FUZZ -w - -x http://127.0.0.1:8080
    3. rg -Io "https?://[\w.-]*honor[\w/:.-]*/[\w/:.-]+\.js" sdb |sort -u|ffuf -r -c -u FUZZ -w - -replay-proxy http://127.0.0.1:8080