Decoder Improved is a data transformation plugin for Burp Suite that better serves the varying and expanding needs of information security professionals. Decoder Improved includes the following useful features:
All of the Built-in Burp Decoder Modes
Decoder Improved supports all of decoder's encoding, decoding, and hashing modes. Decoder Improved can encode and decode URL, HTML, Base64, ASCII Hex, GZIP, and zlib. Additionally, Decoder Improved can hash data using MD2, MD5, SHA, SHA-224, SHA-256, SHA-384, and SHA-512.
Like many of Burp Suite's features, Decoder Improved has support for tabs, enabling users to manipulate separate pieces of data simultaneously without having to erase existing work.
Decoder Improved is backed by arrays of Java Bytes that do not truncate or modify Unicode characters through the modification process. Because Java's Swing elements support displaying Unicode characters, so does Decoder Improved.
An Improved Hex Editor
Decoder Improved comes bundled with the Delta Hexadecimal Editor, a swing Hex Editor, developed by the ExBin project. Delta provides an improved hex editing experience over the built-in decoder's hex editor by allowing easy insertion and removal, highlighting, and Unicode support.
Arbitrary Numeric Base Conversion
Decoder Improved can convert any number represented in base 2 to base 32 (the largest base supported by Java) to its representation in any other base between base 2 and base 32.
Regex Find and Replace
Decoder Improved can perform regular expression find and replace over input to quickly transform text.
HTML/URL Encode Only Special Characters
When HTML and URL encoding strings in decoder, every character in the string is encoded, which limits human readability and occasionally trips broken input filtering rules. Decoder Improved includes encoding modes that only encode special characters while leaving alphanumerics untouched.
Every Hashing Algorithm Available in BouncyCastle
In addition to every hashing algorithm exposed within Burp Suite's built-in decoder, Decoder Improved exposes every hashing algorithm included in the BouncyCastle Java crypto library. In contrast, decoder only contains a smattering of hashing algorithms that do not cover the entire range of hashing needs encountered during testing.
An Easy Extension Interface
In the next blog post covering Decoder Improved, we will walk through examples of how to extend Decoder Improved and add new encoding modes, including a "FooBar" encoder and a "Text Replace" mode.
|Last updated||12 July 2018|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.