🛡️ BurpSuite MCP Server

A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.

🚀 Features

🔄 Proxy Tool

• Intercept and modify HTTP/HTTPS traffic
• View and manipulate requests/responses
• Access proxy history
• Real-time request/response manipulation

# Intercept a request
curl -X POST "http://localhost:8000/proxy/intercept" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://example.com",
    "method": "GET",
    "headers": {"User-Agent": "Custom"},
    "intercept": true
  }'

# View proxy history
curl "http://localhost:8000/proxy/history"

🔍 Scanner Tool

• Active and passive scanning
• Custom scan configurations
• Real-time issue tracking
• Scan status monitoring

# Start a new scan
curl -X POST "http://localhost:8000/scanner/start" \
  -H "Content-Type: application/json" \
  -d '{
    "target_url": "https://example.com",
    "scan_type": "active",
    "scan_configurations": {
      "scope": "strict",
      "audit_checks": ["xss", "sqli"]
    }
  }'

# Check scan status
curl "http://localhost:8000/scanner/status/scan_1"

# Stop a scan
curl -X DELETE "http://localhost:8000/scanner/stop/scan_1"

📝 Logger Tool

• Comprehensive HTTP traffic logging
• Advanced filtering and search
• Vulnerability detection
• Traffic analysis
• Suspicious pattern detection

# Get filtered logs
curl "http://localhost:8000/logger/logs?filter[method]=POST&filter[status_code]=200"

# Search logs
curl "http://localhost:8000/logger/logs?search=password"

# Get vulnerability analysis
curl "http://localhost:8000/logger/vulnerabilities"

# Get comprehensive analysis
curl "http://localhost:8000/logger/analysis"

# Clear logs
curl -X DELETE "http://localhost:8000/logger/clear"

curl "http://localhost:8000/logger/vulnerabilities/severity"

🎯 Vulnerability Detection

Automatically detects multiple types of vulnerabilities:

• 🔥 XSS (Cross-Site Scripting)
• 💉 SQL Injection
• 🗂️ Path Traversal
• 📁 File Inclusion
• 🌐 SSRF (Server-Side Request Forgery)
• 📄 XXE (XML External Entity)
• 🔒 CSRF (Cross-Site Request Forgery)
• 🔄 Open Redirect
• ⚡ Command Injection

🛠️ Setup

1. Clone the repository

git clone https://github.com/X3r0K/BurpSuite-MCP-Server.git
cd BurpSuite-MCP-Server

1. Install Dependencies

pip install -r requirements.txt

2. Configure Environment

# Copy .env.example to .env
cp .env.example .env

# Update the values in .env
BURP_API_KEY=Your_API_KEY
BURP_API_HOST=localhost
BURP_API_PORT=1337
BURP_PROXY_HOST=127.0.0.1
BURP_PROXY_PORT=8080
MCP_SERVER_HOST=0.0.0.0
MCP_SERVER_PORT=8000

3. Start the Server

python main.py

The server will start on http://localhost:8000

📊 Analysis Features

Traffic Analysis

• Total requests count
• Unique URLs
• HTTP method distribution
• Status code distribution
• Content type analysis
• Average response time

Vulnerability Analysis

• Vulnerability type summary
• Top vulnerable endpoints
• Suspicious patterns
• Real-time vulnerability detection

Log Filtering

• By HTTP method
• By status code
• By URL pattern
• By content type
• By content length
• By time range
• By vulnerability type

🔒 Security Considerations

1. Run in a secure environment

2. Configure appropriate authentication

3. Use HTTPS in production

4. Keep BurpSuite API key secure

5. Monitor and audit access

📚 API Documentation

For detailed API documentation, visit:

• Swagger UI: http://localhost:8000/docs
• ReDoc: http://localhost:8000/redoc

Cursor Integration

The MCP server is configured to work seamlessly with Cursor IDE. The .cursor directory contains all necessary configuration files:

Configuration Files

1. settings.json: Contains MCP server configuration

• Server host and port settings
• Endpoint configurations
• BurpSuite proxy settings
• Logger settings
• Python interpreter path

2. tasks.json: Defines common tasks

• Start MCP Server
• Run Vulnerability Tests
• Check Vulnerabilities

3. launch.json: Contains debugging configurations

• Debug MCP Server
• Debug Vulnerability Tests

Using in Cursor

1. Open the project in Cursor

2. The MCP server configuration will be automatically loaded

3. Access features through:

• Command Palette (Ctrl+Shift+P) for running tasks
• Debug menu for debugging sessions
• Automatic Python interpreter configuration

The server will be accessible at http://localhost:8000 with the following endpoints:

• /proxy/intercept for request interception
• /logger for logging functionality
• /logger/vulnerabilities/severity for vulnerability analysis

📝 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• BurpSuite - The original security testing tool
• FastAPI - The web framework used
• Python - The programming language used