...

Extension Example 2: Custom Session Tokens

We will learn how Burp suite extender APIs can be used to create plugins to modify session-related information.

We'll cover the following...

Create a macro
Create an Extender Plugin to consume Macro
Link Burp Macro and Session Handling Plugin together

This lesson comes with a demo server to test the developed plugin. The application server code can be found here. Just run this server as node server.js. This will spin up the server at port 8000.

If we carefully observe the server.js file, we will notice that session information is stored in the SESSION_ID_KEY variable, which points to X-Custom-Session-Id.

const

...