YesWeBurp is an extension for BurpSuite allowing you to access all your https://yeswehack.com/ bug bounty programs directly inside Burp.
YesWeBurp also help you to instantly configure Burp according to the program rules.
- Download https://github.com/yeswehack/yesweburp/releases/latest
- Open Burp on Extender / Extensions
- Click
Add
- Set Extension type as Java
- Set Extension file to
YesWeBurp.jar
- Click
Next
- The addon is now installed, a new tab named
YesWeBurp
should appear
git clone 'https://github.com/yeswehack/YesWeBurp.git' <git_folder>
- Open the project with intellij IDEA
- Compile with ctrl+F9
- Open Burp on Extender / Extensions
- Click
Add
- Set Extension type as Java
- Set Extension file to
<git_folder>/out/artifacts/YesWeBurp_jar/YesWeBurp.jar
- Click
Next
- The addon is now installed, a new tab named
YesWeBurp
should appear
YesWeBurp is also available on the BApp store, the BApp store version might be outdated.
The configuration options are available in the tab YesWeHack / Options
option | description | default |
---|---|---|
Authentication | Choose between Anonymous or authenticated connection. Authenticated mode allows you to access all you private programs. |
Anonymous |
Email used for connecting to your YesWeHack account. | - | |
Password | Password used for connecting to your YesWeHack account. | - |
OTP | OTP token used for connecting to your YesWeHack account (ex: 000000). | - |
Remember password | Choose to keep a plaintext copy of your password inside Burp settings | - |
- v2.0.2 - Change in yeswehack api
- v2.0.1 - Fixed html rendering
- v2.0.0
- Total rewrite in Kotlin
- Allow preview of scopes rules
- Programs are now cached for the session
- Better Faster Stronger
- v1.0.2 - Basic support for TOTP
- v1.0.1 - Bugfix
- v1.0.0 - Initial release