Extension Example 2: Custom Session Tokens
We will learn how Burp suite extender APIs can be used to create plugins to modify session-related information.
We'll cover the following...
This lesson comes with a demo server to test the developed plugin. The application server code can be found here. Just run this server as node server.js. This will spin up the server at port 8000
.
If we carefully observe the server.js file, we will notice that session information is stored in the SESSION_ID_KEY
variable, which points to X-Custom-Session-Id
.
const
...