Burpsuite Plugin to decrypt AES Encrypted mobile app traffic.
Requirements
- Burpsuite
- Java
Tested on
- Burpsuite 1.7.36
- Windows 10
- xubuntu 18.04
- Kali Linux 2018
What it does
- Decrypt AES Encrypted traffic on proxy tab
- Decrypt AES Encrypted traffic on proxy, scanner, repeater and intruder
How it works
- Require AES Encryption Key (Can be obtained by reversing mobile app)
- Require AES Encryption Initialize Vector (Can be obtained by reversing mobile app)
- Request Parameter (Leave blank in case of whole request body)
- Response Parameter (Leave blank in case of whole response body)
- Character Separated with space for obfuscation on request/response
- URL/Host of target to filter request and response
How to Install
Download jar file from Release and add in burpsuite
Original Request/Response
Decrypted Request/Response
