Research Academy
My account Customers About Blog Careers Legal Contact Resellers
  1. Support Center
  2. BApp Store
  3. DPoP Authenticator

Professional Community

DPoP Authenticator

Download BApp

This Burp extension allows you to dynamically add or update the DPoP (Demonstrating Proof of Possession) HTTP header to outgoing HTTP requests based on configured criteria.

Features

  • Dynamically generate DPoP JWT (JSON Web Token) and add it to HTTP headers.
  • Supports both RSA public and private keys in JWK (JSON Web Key) format.
  • Configurable target URL or URL regex pattern for DPoP header injection.
  • Lightweight and easy-to-use interface integrated into Burp Suite.

Usage

  • Navigate to the "DPoP Configurator" tab in Burp Suite.
  • Enter your RSA public and private keys in JWK format.
  • Configure the target URL or URL regex pattern.
  • Optionally, specify the HTTP header name for the DPoP token.
  • Click "Apply" to save your settings.
  • DPoP headers will be automatically added to outgoing requests based on the configured criteria.

Author

 Author

Serhat Cicek

Version

 Version

1.0

Rating

 Rating

Popularity

 Popularity

Last updated

 Last updated

15 August 2024

Estimated system impact

 Estimated system impact

Overall impact: Empty

Memory
Empty
CPU
Empty
General
Empty
Scanner
Empty

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.

Go back to BappStore

Note:

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.