Professional Community

Highlighter And Extractor

HaE is a framework-style project in the field of cybersecurity (data security) that adopts a Lego brick-style modular design philosophy. It focuses on fine-grained tagging and extraction of HTTP messages, including WebSocket. HaE uses multi-engine customized regular expressions to accurately match and process HTTP requests and responses, effectively tagging and extracting information from successfully matched content. This enhances the efficiency of vulnerability and data analysis in cybersecurity.

As modern web applications increasingly adopt front-end and back-end separation development models, the volume of captured HTTP request traffic during vulnerability discovery has risen significantly. HaE addresses this issue by reducing testing time and helping users focus on valuable and meaningful messages, thus improving the efficiency of vulnerability discovery.

Features

  • Fine-grained Tagging & Extraction: Processes HTTP requests and responses, including WebSocket, with precise tagging and extraction of relevant data.
  • Optimized for Efficiency: Reduces testing time by focusing on valuable, meaningful messages during vulnerability discovery.
  • Customizable Rules: Users can define their own rules using regular expressions to match specific patterns in HTTP traffic.
  • Color Highlighting: Matches are highlighted with customizable colors, with an automatic upgrade algorithm to avoid redundant color markings.
  • Integrated with BurpSuite: HaE stores data alongside BurpSuite project data for seamless project management.
  • Query Management: Centralized data panel for one-click queries and extraction of information, improving testing and analysis efficiency.

Usage

Upon first use, HaE will load the offline rule database from the Jar package. To update rules, click Reinit to reinitialize the database. Access the rule database on GitHub for the built-in rule set: https://github.com/gh0stkey/HaE/blob/master/src/main/resources/rules/Rules.yml.

The configuration file (Config.yml) and rule file (Rules.yml) are stored in a fixed directory:

  1. For Linux/Mac: ~/.config/HaE/
  2. For Windows: %USERPROFILE%/.config/HaE/

Custom HaE rules must enclose the expressions to be extracted within parentheses (). For example, if you want to match a response message from a Shiro application, the normal matching rule would be rememberMe=delete, but in HaE's rule format, it needs to be written as (rememberMe=delete).

Author

Author

gh0stkey

Version

Version

4.2.1

Rating

Rating

Popularity

Popularity

Last updated

Last updated

20 May 2025

Estimated system impact

Estimated system impact

Overall impact: Medium

Memory
Low
CPU
Medium
General
Medium
Scanner
Low

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.

Go back to BappStore

Note:

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.