Setting up the Ruby environment for Burp Extensions

1. Download a stable version of JRuby from JRuby Downloads​

2. Select the jar for Linux (JRuby x.x.x Complete .jar) or Executable for Windows.

3. Import the environment from Burp Suite >> Extender >> Options >> Ruby Environment.

Import the Burp Suite Extender Core API IBurpExtender

require 'java'
java_import 'burp.IBurpExtender'
​
class BurpExtender
  include IBurpExtender
​
  def registerExtenderCallbacks(callbacks)
    callbacks.setExtensionName("Rubyfu Alert!")
    callbacks.issueAlert("Alert: Ruby goes evil!")
  end
end

Load the plugin alert.rb ​

Check Alerts tab ​

Burp Suite Extension in Ruby template initiative

As Rubyfu project keeps groing, we've decided to develope our vesion of make a solid place for Ruby in the information security community. We've deceided to build a repository that makes building a Burp Suite extension in Ruby is very easy and understandable. Repository link​

Buby

Buby is a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger. Burp is driven from and tied to JRuby with a Java extension using the BurpExtender API. This extension aims to add Ruby scriptability to Burp Suite with an interface comparable to the Burp's pure Java extension interface.

Resources

• Burp Suite Extender API Documentations [ link ]

• Step by step Ruby-based Burp Extension for JSON Encryption/Decryption [ Part 1 | Part 2 ]

• Buby [ website | rdoc ]

• Extensions written in Ruby [ WhatThWAF ]

• Burp suite Scripting with Buby [ Link ]