Skip to content

v1.3.1 - 2024-05-22
Compare
Choose a tag to compare
@fhaag95 fhaag95 released this 22 May 07:46
· 59 commits to master since this release
v1.3.1
412abd7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

CSTC v1.3.1

After a lot of work migrating to the new Montoya API the new CSTC v1.3.1 is finally here! It comes with a lot of improvements, bug fixes, new operations a lot more. A full list is attached in the changelog below. Happy hacking, we look forward to hearing from you!

Changelog

Features

  • Migrate to the new MontoyaAPI provided by Burp
  • Redesign the existing filter selection for better usability
  • Add ability to automatically save recipes in the Burp project file
  • Filter state is now persistent upon restarting Burp / CSTC
  • Add indication / warning if no filter has been selected (CSTC is inactive)
  • Refactor and redesign behavior of "HTTP Request" module and add "Send Plain Request" operation
  • Add an operation to set multipart/form-data parameters
  • Add uppercase and lowercase operations for strings
  • Add an option to URL safe encode and decode Base64 strings
  • Add operation to generate JWT signatures
  • Add operation to count executions of a specific operation / lane
  • Add support for empty IVs in the "AES" operations
  • Add an option to decide whether to append to or overwrite a file in the "File Write" operation
  • Add HTTP/2 support
  • Add operations for SM-2, SM-3, SM-4
  • Change to Java Version 17
  • Add CSTC introduction including demo
  • Add Luhn checksum operation
  • Add string concatenation operation

Bugfixes

  • Fix compatibility issues with Burp's dark theme
  • Fix an issue where CSTC interferes with requests when turned off
  • Fix bugs related to loading and storing recipes
  • Fix implementation of "HTTP Request" operation which caused exceptions
  • Fix and add unit tests
  • Fix UI bugs of the operation tree on the left hand side
  • Refactor extractor and setter operations to match the new API, improve code quality and fix certain bugs (e.g. problem with multiple "Set-Cookie" headers)
  • Fix Filter selection and its application
  • Fix several issues regarding Conditionals
  • Fix Formatting tab changes crashing Repeater tab
  • Fix saving and loading Filter state inside Burp Project
  • Fix Exception handling in Operation's perform method
  • Fix CSTC lanes naming
  • Fix JSON extractor only able to extract single values
Assets 3
Loading