Consists of 2 tools: Shadeless Burp extension and a Shadeless App server.
The Burp extension is copied from https://portswigger.net/bappstore/470b7057b86f41c396a97903377f3d81 for beautiful HTTP logging. We can also config for it to forward web traffics to the Shadeless App server.
Shadeless App server is responsible for storing and allow collaborators to query for web traffic HTTP. This enables bug hunters to work on a target for multiple days without missing endpoints, and we can also collaborate with each other to and look for missing API / features that each other have missed.
- 1: Download Shadeless Burp latest release on https://stc.drstra.in/shadeless/shadeless.1.1.1.jar
- 2: Install shadeless jar file into your BurpSuite Pro: open Burpsuite > Extender tab > Press Add button > Select file shadeless jar file > Next
- You should see a new tab called Shadeless Burp added to your Burp panel.
-
1: If you only want to see log of packets, go to
View Logs
tab. -
2: If you want to forward packets to Shadeless, press to the
Options
tab. -
3: Then, press on
Configure Shadeless Exporter
:- Change
Shadeless url
to the URL of deployed Shadeless API server. For example, I have a self-hosted Shadeless Server at https://shadeless.drstra.in/, so I'd put https://shadeless.drstra.in/ into theShadeless url
. - Rename the
project
into a project name, this will create a new project on the Shadeless URL. - You might want to change Codename to your unique name.
- Close the
Configuration
tab.
- Change
-
4: Press on
Ping Shadeless API
, if everything is correct, you should see messageReached Shadeless API successfully
. -
5: Press
Start Shadeless Exporter
, now every packets that go though your Burp will be forwarded to Shadeless API server.
If you are a LINE corp user using it in our infra and wants to login, please ping my Slack: lw13551.
Thanks :)