Extract Parameter Values from Burp Suite History

Ba Yin Min
Nov 20, 2024


tl;dr Use the regex [&?]param-name=([^&]+) together with the Sensitive Discover extension from the BApp Store.

Sometimes I want to extract every value the application uses for a certain parameter, for further analysis during security testing. The following flow is what currently works for me.

Assuming there are many entries in the Burp Suite proxy logs, I want to extract all the values of the parameter named pagekey. Refer to the screenshot below.

The parameter name is pagekey (circled in red) and I want to extract all the corresponding parameter values (underlined in green)

Install the extension from the BApp Store

In Burp Suite Professional, go to Extensions and install the Sensitive Discover extension as shown below.

Install the Sensitive Discover extension

Configure the regex (regular expression)

The extension comes with pre-configured patterns for finding other sensitive data in the proxy log, which is very handy. For our case, I will configure an additional pattern for the parameter whose values I want to extract. For demonstration purposes, all the default patterns are disabled and only my pattern is enabled for analysis.

Configure the pattern and make sure it is active (ticked)

I created a new regex for my pattern in the following format:

[&?]param-name=([^&]+)

As the parameter name I want is pagekey, I put it into the regex accordingly, so the result is:

[&?]pagekey=([^&]+)

The locations to search for the parameter are Request URL and Request Header, so I ticked them accordingly, as in the screenshot above. With that, everything is set for extraction.

Extracting the parameter values

To extract, go to the Logger tab of the Sensitive Discover extension and simply click Analyze HTTP History. All the matching values will be displayed. The result can be exported via Export list logs in CSV or JSON format for further processing.

The parameter values are circled in green and the export button is circled in orange
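
For further processing outside Burp, the same pattern can be applied to request lines to get a de-duplicated, URL-decoded list of values with counts. This is an added example, not code from the original post or from the extension; the function names and the sample request lines are constructed for illustration. It also shows one edge case of [^&]+: matched against a full request line, it captures the trailing " HTTP/1.1" or a "#fragment" when the parameter comes last, so the strict variant stops at whitespace and "#".

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample data: request lines as seen at the top of an HTTP request.
SAMPLE_REQUEST_LINES = [
    "GET /app/view?pagekey=home&lang=en HTTP/1.1",
    "GET /app/view?lang=en&pagekey=admin%2Fusers HTTP/1.1",
    "GET /app/view?pagekey=home HTTP/1.1",
    "POST /app/save?xpagekey=ignored&pagekey=report+2024#top HTTP/1.1",
    "GET /app/static/logo.png HTTP/1.1",
]


def build_pattern(param_name, strict=True):
    """Build the article's [&?]name=([^&]+) regex for one parameter.

    strict=True also ends the value at whitespace and '#', so a match on a
    full request line does not swallow ' HTTP/1.1' or a URL fragment.
    """
    value_class = r"[^&\s#]+" if strict else r"[^&]+"
    return re.compile(r"[&?]" + re.escape(param_name) + "=(" + value_class + ")")


def extract_values(lines, param_name, strict=True):
    """Return a Counter of URL-decoded values observed for param_name."""
    pattern = build_pattern(param_name, strict)
    counts = Counter()
    for line in lines:
        for raw in pattern.findall(line):
            # Values in the URL are percent-encoded; decode before comparing.
            counts[unquote_plus(raw)] += 1
    return counts


if __name__ == "__main__":
    results = extract_values(SAMPLE_REQUEST_LINES, "pagekey")
    for value, seen in results.most_common():
        print(f"{seen:3d}  {value}")
```

The leading [&?] is what keeps xpagekey from matching, since the character before the name must be a query-string delimiter.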

Kudos to Nadeem Douba for creating the Sensitive Discover extension and making it flexible for additional pattern analysis.

Thanks for reading!
