Burp Suite is a Man-in-the-middle (MITM) proxy loaded with valuable tools to help pentesters. Apart from Burp’s suite of excellent tools, its capability to extend the features using Extender API adds a lot of value.
As Burp Suite is written in Java, it can extend its functionalities when the extensions are also coded in Java. Apart from Java’s advantage of “Write Once, Run anywhere”, it has a slightly complex learning curve and more source lines of code (SLOC) per feature when compared with other languages like Python and Ruby. So to make the development of extensions easier, Burp Suite allows the extensions to be coded in Python and Ruby with the help of Jython and JRuby respectively.
Jython is a Java implementation of Python 2. Similarly, JRuby is a Java implementation of the Ruby programming language. When both Jython and JRuby are set up on Burp Suite, one can load extensions written in Python and Ruby.
Configuring Jython on Burp Suite
Visit https://www.jython.org/download.html and download the latest Jython standalone JAR file.
In Burp Suite, go to Extender -> Options. Under the section Python Environment, click Select file.
In the popup window, navigate to the saved location and click on the downloaded Jython JAR file. In my case, the file name is
jython-standalone-2.7.2.jar. Then click on Open.
Finally, the Jython JAR file location will now be loaded in the Python Environment section.
Configuring JRuby on Burp Suite
Visit https://www.jruby.org/download and download the JAR file under the JRuby Downloads section.
In Burp Suite, go to Extender -> Options. Under the section Ruby Environment, click Select file.
In the popup window, navigate to the saved location and click on the downloaded JRuby JAR file. In my case, the file name is
jruby-complete-188.8.131.52.jar. Then click on Open.
Finally, the JRuby JAR file location will now be loaded in the Ruby Environment section.