New YesWeHack Api Extension for Burp

YesWeBurp

Today we are proud to release the version 1.0.0 of our BurpSuite extension.

This will allow you to access all the programs details from YesWeHack directly inside of BurpSuite.
But also instantly configure the scopes and the required headers according to the program rules. No more copy pasting between the website and your favorite tool!

screenshot

Download

YesWeBurp is available on github

Installation

Jython (required)

  • Download Jython 2.7.0 Standalone Jar from https://www.jython.org/downloads.html
  • Open Burp on Extender / Options
  • In Python Environment, set the location of the standalone jar to the previouly downloaded one

YesWeBurp

  • git clone 'https://github.com/yeswehack/YesWeBurp.git' <installation_folder>
  • Open Burp on Extender/ Extensions
  • Click Add
  • Set Extension type as Python
  • Set Extension file to <installation_folder>/src/addon.py
  • Click Next
  • The addon is now installed, a new tab named YesWeHack should appear

Configuration

The configuration options are available in the tab YesWeHack / Options

option description default
API URL Base url for all the api calls. https://api.yeswehack.com
Authentication Choose between Anonymous or authenticated connection.
Authenticated mode allows you to access all your private programs.
Anonymous
Email Email used for connecting to your YesWeHack account.
Password Password used for connecting to your YesWeHack account.
Remember password Choose to keep a plaintext copy of your password inside. Burp

To take full advantage of this tool,

we recommend that you create an account on

YesWeHack.com