Build Status ------------ .. image:: https://ci.ziirish.me/projects/1/status.png?ref=master :target: https://ci.ziirish.me/projects/1?ref=master Screenshots ----------- .. image:: https://git.ziirish.me/ziirish/burp-ui/raw/master/pictures/burp-ui.gif :target: https://git.ziirish.me/ziirish/burp-ui/blob/master/pictures/burp-ui.gif What's that? ------------ Let me introduce you ``Burp-UI``. It is a web-based UI to manage your burp-servers. You can view different reports about burp-servers, burp-clients, backups, etc. ``Burp-UI`` allows you to perform *on-the-fly* restorations and should allow you to edit/manage your burp-server's conf file very soon. It is actually an improvement of the burp status monitor (``burp -c /etc/burp/burp-server.conf -a s``). It currently supports only the burp-1.x branch but it is totally modular so supporting burp-2.x won't be a big deal. So in order to work properly, you must be running ``Burp-UI`` on the same host that runs your burp-server (because the burp status port only listen on *localhost*). If you don't want to, I developed a ``bui-agent`` that allows you to *proxify* external commands to your burp status port. Who are you? ------------ I'm `Ziirish `_, a French sysadmin that loves `Burp`_ and would like to help its adoption by providing it a nice and powerful interface. If you like my work, you can: * Thank me by sending me an email or writing a nice comment * Buy me a beer or some fries or both! * Make a donation on my Paypal Requirements ------------ Please note that currently, ``Burp-UI`` must be running on the same server that runs the burp-server. For LDAP authentication (optional), we need the ``simpleldap`` module that requires the following packages on Debian: :: aptitude install libsasl2-dev libldap2-dev python-dev Then we install the module itself: :: pip install simpleldap Installation ------------ ``Burp-UI`` is written in Python with the `Flask`_ micro-framework. The easiest way to install Flask is to use ``pip``. On Debian, you can install ``pip`` with the following command: :: aptitude install python-pip Once ``pip`` is installed, you can install ``Burp-UI`` this way: :: pip install burp-ui You can setup various parameters in the `burpui.cfg`_ file. This file can be specified with the ``-c`` flag or should be present in ``/etc/burp/burpui.cfg``. By default ``Burp-UI`` ships with a default file located in ``$BURPUIDIR/../share/burpui/etc/burpui.cfg``. Then you can run ``burp-ui``: ``burp-ui`` By default, ``burp-ui`` listens on all interfaces (including IPv6) on port 5000. You can then point your browser to http://127.0.0.1:5000/ Gunicorn -------- ``Burp-UI`` now supports `Gunicorn `_ in order to handle multiple users simultaneously. You need to install ``gunicorn`` and ``eventlet``: :: pip install eventlet pip install gunicorn You will then be able to launch ``Burp-UI`` this way: :: gunicorn -k eventlet -w 4 'burpui:init(conf="/path/to/burpui.cfg")' Instructions ------------ In order to make the *on the fly* restoration/download functionality work, there you need to check a few things: 1. Provide the full path of the burp (client) binary file 2. Provide the full path of an empty directory where a temporary restoration will be made. This involves you have enough space left on that location on the server that runs ``Burp-UI`` 3. Launch ``Burp-UI`` with a user that can proceed restorations and that can write in the directory above 4. Make sure to configure a client on the server that runs ``Burp-UI`` that can restore files of other clients (option *restore_client* in burp-server configuration) Notes ----- Please feel free to report any issues on my `gitlab `_ I have closed the *github tracker* to have a unique tracker system. TODO ---- `Here `_ is a non-exhaustive list of things I'd like to add. Also note that in the future, I'd like to write a burp-client GUI. But I didn't think yet of what to do. Changelog --------- * version `current `_: - Add `gunicorn support `_ - Add `init script for CentOS `_ - Add `init script for Debian `_ - Add `autofocus login field on login page `_ - Fix issue `#25 `_ - Fix issue `#26 `_ - Fix issue `#30 `_ - Fix issue `#32 `_ - Fix issue `#33 `_ - Code cleanup - Improve unit tests - Bugfixes - `Full changelog `_ * version `0.0.5 `_: - Add multi-server support - Fix bugs - `Full changelog `_ * version `0.0.4 `_: - Add the ability to download files directly from the web interface - `Full changelog `_ * version `0.0.3 `_: - Add authentication - `Full changelog `_ * version `0.0.2 `_: - Fix bugs - `Full changelog `_ * version `0.0.1 `_: - Initial release Licenses -------- ``Burp-UI`` is released under the BSD 3-clause `License`_. But this project is built on top of other tools listed here: - `d3.js `_ (`BSD `__) - `nvd3.js `_ (`Apache `__) - `jQuery `_ (`MIT `__) - `jQuery-UI `_ (`MIT `__) - `fancytree `_ (`MIT `__) - `bootstrap `_ (`MIT `__) - `typeahead `_ (`MIT `__) - `bootswatch `_ theme ``Slate`` (`MIT `__) - `angular-bootstrap-switch `_ (`Apache `__) - `angular.js `_ (`MIT `__) - `angular-ui-select `_ (`MIT `__) - `AngularStrap `_ (`MIT `__) - `lodash `_ (`MIT `__) - Home-made `favicon `_ based on pictures from `simpsoncrazy `_ Also note that this project is made with the Awesome `Flask`_ micro-framework. Thanks ------ Special Thanks to Graham Keeling for its great software! This project would not exist without `Burp`_. .. _Flask: http://flask.pocoo.org/ .. _License: https://git.ziirish.me/ziirish/burp-ui/blob/master/LICENSE .. _Burp: http://burp.grke.org/ .. _burpui.cfg: https://git.ziirish.me/ziirish/burp-ui/blob/master/burpui.cfg