Couple of months ago I finally switched to BurpSuitePro after so many years using the free version and … I do not regret at all. I adapted pretty quickly to the extra options it provides compared to the free version.
There are many differences between the free and the commercial product versions but this post is dedicated to one in particular. Currently BurpSuitePro (version 1.4.12) exports the Burp proxy history log items in XML format with Base64 encoded content of the and tags while BurpSuite free version (1.4.01) does not encode those fields. The row log that both versions produce if logging option is turned on is still plain text. I love to log my actions and always work with turned on logging option on the background. That helps me keep almost full track of my actions. With prolong tests however the log can reach considerable size which makes the grepping and searching harder. Sometimes it is much easier to just extract part of the proxy history and just grep it. I used to do that with the free version of the product. With the BurpSuitePro however I needed a tool to convert the xml format with the Base64 encoded fields into something more grep friendly. So I write up a small python script for this job. It comes handy in case of ad hoc colleague/boss/customers requests for logged test activities. All it does is to parse the BurpSuitePro XML log, get the request and response tags content, decode it and write it in an output file.
The script is not polished. It is free to use and modify. You can download it from here.
burpProHistory2Flat.zip
Do not be picky about the programming style – it is my first python script 🙂
At the end of this small write up I would like to thank PortSwigger Web Security team for the excellent tool they have been providing the IS community with.
Leave a Reply