# Burp Suite ### Burp MCP + Codex CLI This guide shows how to connect Burp Suite MCP Server to Codex CLI so that Codex can reason directly on your real HTTP traffic — no API keys, no scanning, no fuzzing. You end up with a reasoning engine wired directly into your interception stack. *** #### What you get • Passive vuln discovery • IDOR / auth bypass / SSRF / logic flaw detection • Report writing from real Burp evidence • No API keys • Full local traffic control *** #### 1. Install Burp MCP Server Install MCP Server from Burp’s BApp Store. Once installed, open its tab and click: > Extract server proxy jar ![](https://1729840239-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M5x1LJiRQvXWpt04_ee%2Fuploads%2FYkYavwSHIePBdSecaAqI%2Fimage.png?alt=media\&token=5b05b334-837f-4646-9c82-29937ed519f3)
This downloads: ``` mcp-proxy.jar ``` This is the stdio MCP bridge Codex uses. *** #### 2. Configure Codex MCP Edit: ``` ~/.codex/config.toml ``` Append: ``` [mcp_servers.burp] command = "java" args = ["-jar", "/absolute/path/to/mcp-proxy.jar", "--sse-url", "http://127.0.0.1:19876"] ``` *** #### 3. Install Caddy reverse proxy Burp MCP currently enforces strict Origin validation and rejects extra headers sent by Codex, which causes handshake failures [see more here](https://github.com/PortSwigger/mcp-server/issues/34). We solve this with a local reverse proxy. Install Caddy: ``` brew install caddy ``` *** #### 4. Create the Caddyfile Create: ``` ~/burp-mcp/Caddyfile ``` Paste: ``` :19876 reverse_proxy 127.0.0.1:9876 { # Match Origin and Host exactly (anti-DNS rebinding) header_up Host "127.0.0.1:9876" header_up Origin "http://127.0.0.1:9876" # Workaround for current Burp MCP SSE 403 bug header_up -User-Agent header_up -Accept header_up -Accept-Encoding header_up -Connection } ``` *** #### 5. Start everything ``` caddy run --config ~/burp-mcp/Caddyfile & codex ``` Verify: ``` /mcp ``` You should see:
*** #### 6. Test it Examples: ``` From Burp history, find all endpoints that use numeric IDs and lack Authorization headers. ``` ``` Using Burp MCP, identify potential IDOR endpoints and suggest safe confirmation steps. ``` ``` From Burp data, write a vulnerability report with reproduction, impact and remediation. ``` *** #### 7. One-command launcher (optional) \ Add to your \~/.zshrc (check your paths first): ```bash burpcodex() { emulate -L zsh setopt pipefail local CADDYFILE="$HOME/burp-mcp/Caddyfile" local LOG="/tmp/burp-mcp-caddy.log" local CADDY_PID="" if ! command -v caddy >/dev/null 2>&1; then echo "[!] caddy not found (brew install caddy)" return 1 fi if ! command -v codex >/dev/null 2>&1; then echo "[!] codex not found in PATH" return 1 fi if [[ ! -f "$CADDYFILE" ]]; then echo "[!] Caddyfile not found: $CADDYFILE" return 1 fi cleanup() { # 1) Kill captured PID (if still alive) if [[ -n "$CADDY_PID" ]] && kill -0 "$CADDY_PID" 2>/dev/null; then kill -TERM "$CADDY_PID" 2>/dev/null sleep 0.2 kill -KILL "$CADDY_PID" 2>/dev/null wait "$CADDY_PID" 2>/dev/null fi # 2) Fallback: kill anything still listening on 19876 local pids pids="$(lsof -ti tcp:19876 2>/dev/null | tr '\n' ' ')" if [[ -n "$pids" ]]; then kill -TERM $pids 2>/dev/null sleep 0.2 kill -KILL $pids 2>/dev/null fi } trap 'cleanup; return 130' INT TERM trap 'cleanup' EXIT # Start caddy caddy run --config "$CADDYFILE" >"$LOG" 2>&1 & CADDY_PID=$! echo "[*] Caddy started (pid=$CADDY_PID) - log: $LOG" # Run codex (foreground) command codex "$@" # Ensure cleanup even if trap didn't trigger for some reason cleanup trap - INT TERM EXIT } ``` Run: ``` burpcodex ``` *** ### Tips ```shellscript - If Render Page crash: sudo sysctl -w kernel.unprivileged_userns_clone=1 - If embedded browser crash due sandbox: find .BurpSuite -name chrome-sandbox -exec chown root:root {} \; -exec chmod 4755 {} \; - Scope with all subdomains: .*\.test\.com$ - Use Intruder to target specific parameters for scanning - Right click: actively scan defined insertion points # Configuration - Project Options -> HTTP -> Redirections -> Enable JavaScript-driven - User Options -> Misc -> Proxy Interception -> Always disabled - Target -> Site Map -> Show all && Show only in-scope items # XSS Validator extension 1) Start xss.js phantomjs $HOME/.BurpSuite/bapps/xss.js 2) Send Request to Intruder 3) Mark Position 4) Import xss-payload-list from $Tools into xssValidator 5) Change Payload Type to Extension Generated 6) Change Payload Process to Invoke-Burp Extension - XSS Validator 7) Add Grep-Match rule as per XSS Validator 8) Start. # Filter the noise https://gist.github.com/vsec7/d5518a432b70714bedad79e4963ff320 # Filter the noise TLDR # TLS Pass Through .*\.google\.com .*\.gstatic\.com .*\.googleapis\.com .*\.pki\.goog .*\.mozilla\.com # Send swagger to burp https://github.com/RhinoSecurityLabs/Swagger-EZ # Hosted: https://rhinosecuritylabs.github.io/Swagger-EZ/ # If some request/response breaks or slow down Burp - Project options -> HTTP -> Streaming responses -> Add url and uncheck "Store streaming responses...." # Burp Extension rotate IP yo avoid IP restrictions https://github.com/RhinoSecurityLabs/IPRotate_Burp_Extension # Collab/SSRF/pingback alternative interactsh.com ceye.io requestcatcher.com canarytokens.org webhook.site ngrok.com pingb.in swin.es requestbin.net ssrftest.com rbnd.gl0.eu dnslog.cn beeceptor.com # Run private collaborator instance in AWS https://github.com/Leoid/AWSBurpCollaborator # Run your own collab server https://github.com/yeswehack/pwn-machine # Wordlist from burp project file cat project.burp | strings | tok | sort -u > custom_wordlist.txt # Autorize: 1. Copy cookies from low priv user and paste in Autorize 2. Set filters (scope, regex) 3. Set Autorize ON 4. Navigate as high priv user # Turbo Intruder basic.py -> Set %s in the injection point and specify wordlist in script multipleParameters.py -> Set %s in all the injection points and specify the wordlists in script # Match and Replace https://github.com/daffainfo/match-replace-burp # Customize Audit Scans Configure your audit profile -> Issues reported -> Individual issues -> right-click on "Extension generated issues" -> "Edit detection methods" Works on most of issues like SQLi # Send to local Burp from VPS # In local computer ssh -R 8080:127.0.0.1:8080 root@VPS_IP -f -N # In VPS curl URL -x http://127.0.0.1:8080 # Ip rotation https://github.com/ustayready/fireprox ``` ### Proxy options Append something to the user-agent Match \`^User-Agent: (.\*)$\` Replace \`User-Agent: $1 BugBounty-Username\`
### Preferred extensions * [Burp Bounty Pro](https://burpbounty.net/): Active and passive checks customizable based on patterns. * [Active Scan ++](https://portswigger.net/bappstore/3123d5b5f25c4128894d97ea1acc4976) More active and passive scans. * [Software Vulnerability Scanner](https://portswigger.net/bappstore/c9fb79369b56407792a7104e3c4352fb) Passive scan to detect vulnerable software versions * [Param Miner](https://portswigger.net/bappstore/17d2949a985c4b7ca092728dba871943) Passive scan to detect hidden or unlinked parameters, cache poisoning * [Backslash Powered Scanner](https://portswigger.net/bappstore/9cff8c55432a45808432e26dbb2b41d8) Active scan for SSTI detection * [CSRF Scanner](https://portswigger.net/bappstore/60f172f27a9b49a1b538ed414f9f27c3) Passive CSRF detection * [Freddy](https://portswigger.net/bappstore/ae1cce0c6d6c47528b4af35faebc3ab3) Active and Passive scan for Java and .NET deserialization * [JSON Web Tokens](https://portswigger.net/bappstore/f923cbf91698420890354c1d8958fee6) decode and manipulate JSON web tokens * [Reissue Request Scripter](https://portswigger.net/bappstore/6e0b53d8c801471c9dc614a016d8a20d) generates scripts for Python, Ruby, Perl, PHP and PowerShell * [Burp-exporter](https://github.com/artssec/burp-exporter) other extension for export request to multiple languages * [Retire.js](https://portswigger.net/bappstore/36238b534a78494db9bf2d03f112265c) Passive scan to find vulnerable JavaScript libraries * [Web Cache Deception Scanner](https://portswigger.net/bappstore/7c1ca94a61474d9e897d307c858d52f0) Active scan for Web Cache Deception vulnerability * [Cookie decrypter](https://portswigger.net/bappstore/76c500c3fdba4a37a6fca46fe18d8ada) Passive check for decrypt/decode Netscaler, F5 BigIP, and Flask cookies * [Reflector](https://github.com/elkokc/reflector) Passive scan to find reflected XSS * [J2EEScan](https://portswigger.net/bappstore/7ec6d429fed04cdcb6243d8ba7358880) Active checks to discover different kind of J2EE vulnerabilities * [HTTP Request Smuggler](https://portswigger.net/bappstore/aaaa60ef945341e8a450217a54a11646) Active scanner and launcher for HTTP Request Smuggling attacks * [Flow](https://portswigger.net/bappstore/ee1c45f4cc084304b2af4b7e92c0a49d) History of all burp tools, extensions and tests * [Taborator](https://portswigger.net/bappstore/c9c37e424a744aa08866652f63ee9e0f) Allows Burp Collaborator in a new tab * [Turbo Intruder](https://portswigger.net/bappstore/9abaa233088242e8be252cd4ff534988) Useful for sending large numbers of HTTP requests (Race cond, fuzz, user enum) * [Auto Repeater](https://portswigger.net/bappstore/f89f2837c22c4ab4b772f31522647ed8) Automatically repeats requests with replacement rules and response diffing * [Upload Scanner](https://portswigger.net/bappstore/b2244cbb6953442cb3c82fa0a0d908fa) Tests multiple upload vulnerabilities * [poi Slinger](https://github.com/portswigger/poi-slinger): Active scan check to find PHP object injection * [Java Deserialization Scanner](https://portswigger.net/bappstore/228336544ebe4e68824b5146dbbd93ae) Active and passive scanner to find Java deserialization vulnerabilities * [Autorize](https://portswigger.net/bappstore/f9bbac8c4acf4aefa4d7dc92a991af2f) Used to detect IDORs * [Match/Replace Session Action](https://portswigger.net/bappstore/9b5c532966ca4d5eb13c09c72ba7aac2) Provides a match and replace function as a Session Handling Rule. * [.NET Beautifier](https://portswigger.net/bappstore/e2a137ad44984ccb908375fa5b2c618d) Easy view for VIEWSTATE parameter * [Wsdler](https://portswigger.net/bappstore/594a49bb233748f2bc80a9eb18a2e08f) generates SOAP requests from WSDL request * [Collaborator Everywhere](https://portswigger.net/bappstore/2495f6fb364d48c3b6c984e226c02968) Inject headers to reveal backend systems by causing pingbacks * [Collabfiltrator](https://github.com/0xC01DF00D/Collabfiltrator) Exfiltrate blind remote code execution output over DNS * [Bypass WAF](https://portswigger.net/bappstore/ae2611da3bbc4687953a1f4ba6a4e04c) Add some headers to bypass some WAFs * [SAMLRaider](https://github.com/CompassSecurity/SAMLRaider) for testing SAML infrastructures, messages and certificates * [GoldenNuggets-1](https://github.com/GainSec/GoldenNuggets-1) create wordlists from target * [Logger++](https://portswigger.net/bappstore/470b7057b86f41c396a97903377f3d81) Log for every burp tool and allows highlight, filter, grep, export... * [OpenAPI Parser](https://portswigger.net/bappstore/6bf7574b632847faaaa4eb5e42f1757c) Parse and fetch OpenAPI documents directly from a URL * [CO2](https://github.com/portswigger/co2): Multiple functions such sqlmapper, cewler * [XSSValidator](https://github.com/PortSwigger/xss-validator): XSS intruder payload generator and checker * [Shelling](https://github.com/ewilded/shelling): command injection payload generator * [burp-send-to](https://github.com/bytebutcher/burp-send-to): Adds a customizable "Send to..."-context-menu. * [ssrf-king](https://github.com/ethicalhackingplayground/ssrf-king?s=09): Automates SSRF detection ### Private collaborator server ### Burp macros ### Collaborator SSRF explotation [mindmap](https://github.com/iustin24/SSRF) ![](https://1729840239-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M5x1LJiRQvXWpt04_ee%2F-MLBtDR-NwyWvWQKwine%2F-MLBtpjgyra0n8WwTYDL%2Fimage.png?alt=media\&token=1fc2ade7-e25e-44aa-bfc4-f8d415a39d5f) #### DOM Invader