Home

Awesome

bradamsa-ng

Build Status codecov

A Burp Suite extension for Radamsa-powered fuzzing with Intruder

Screenshot

Index

Introduction

bradamsa-ng is a Burp Suite extension that brings the power of the amazing Radamsa fuzzer to Intruder. It is heavily influenced by the original bradamsa by ikkisoft and aims to fix some of its weaknesses while building upon its strengths.

One noteworthy feature of bradamsa-ng is its support for WSL.
Radamsa is (understandably) not developed with Windows in mind, which means that there is no official support for it. There was a solution to build Radamsa using Cygwin, but it didn't reliably work for me - and there's simply no guarantee that it'll work forever.

With WSL however, we can compile and run Radamsa in its natural habitat - hell, we can even run it from the Windows host (echo "test" | wsl -d Ubuntu -e radamsa). With bradamsa-ng, these new possibilities can now be leveraged in Burp.

Requirements

Installation

bradamsa-ng tries to automatically detect a Radamsa binary in your $PATH. If this succeeds, you'll see a message saying

Radamsa binary was found at /some/path/radamsa

in the extension's Output tab.

Likewise, when running on Windows and WSL is available, you'll either see

WSL is available, but no installed distributions have been found

or

WSL is available and the following distributions have been found: [Ubuntu, Kali]

depending on if WSL distributions are installed or not.

Building

The installable extension JAR can now be found at target/bradamsa-ng-${version}-jar-with-dependencies.jar

Usage

Intruder Payload Generator

Intruder Payload Processor

Not implemented yet.

WSL mode

bradamsa-ng supports using Radamsa through Windows 10's Windows Subsystem for Linux.
In order to take advantage of it, you need the following:

Usage in WSL mode