Merge pull request #65 from PortSwigger/add-custom-columns-directories

Add custom columns directories

.github/workflows/bambda-checker-manual.yml

@@ -17,8 +17,8 @@ jobs:
 
       - name: Validate Bambdas & update READMEs
         run: |
-          [ $(sha256sum BambdaChecker-1.2.jar | awk '{ print $1 }') = '30959be3dce023d3b53c4e2507b9db7fed8bfe41501b14bb8c0d4d3a0a50fd71' ]
-          java -jar BambdaChecker-1.2.jar
+          [ $(sha256sum BambdaChecker-1.3.jar | awk '{ print $1 }') = '4df32c3375dad2563080fdfb19a85970332ee8c0f635f946e7e5b4994f6442e4' ]
+          java -jar BambdaChecker-1.3.jar
           git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git config --local user.name "github-actions[bot]"
           git add .

.github/workflows/bambda-checker-merge.yml

@@ -23,8 +23,8 @@ jobs:
 
       - name: Validate Bambdas & update READMEs
         run: |
-          [ $(sha256sum BambdaChecker-1.2.jar | awk '{ print $1 }') = '30959be3dce023d3b53c4e2507b9db7fed8bfe41501b14bb8c0d4d3a0a50fd71' ]
-          java -jar BambdaChecker-1.2.jar
+          [ $(sha256sum BambdaChecker-1.3.jar | awk '{ print $1 }') = '4df32c3375dad2563080fdfb19a85970332ee8c0f635f946e7e5b4994f6442e4' ]
+          java -jar BambdaChecker-1.3.jar
           git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git config --local user.name "github-actions[bot]"
           git add .

.github/workflows/bambda-checker-pull-request.yml

@@ -19,5 +19,5 @@ jobs:
 
       - name: Validate Bambdas
         run: |
-          [ $(sha256sum BambdaChecker-1.2.jar | awk '{ print $1 }') = '30959be3dce023d3b53c4e2507b9db7fed8bfe41501b14bb8c0d4d3a0a50fd71' ]
-          java -jar BambdaChecker-1.2.jar validateonly
+          [ $(sha256sum BambdaChecker-1.3.jar | awk '{ print $1 }') = '4df32c3375dad2563080fdfb19a85970332ee8c0f635f946e7e5b4994f6442e4' ]
+          java -jar BambdaChecker-1.3.jar validateonly

Logger/View/README.md → Filter/Logger/View/README.md

@@ -5,7 +5,7 @@ Please do not manually edit this file, or include any changes to this file in pu
 -->
 # Logger View Filter
 Documentation: [Burp Logger view filter](https://portswigger.net/burp/documentation/desktop/tools/logger/filter-view#bambda-mode)
-## [HighlightToolType.bambda](https://github.com/PortSwigger/bambdas/blob/main/Logger/View/HighlightToolType.bambda)
+## [HighlightToolType.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Logger/View/HighlightToolType.bambda)
 ### Highlights messages according to their tool type.
 #### Author: ps-porpoise
 ```java
@@ -26,7 +26,7 @@ requestResponse.annotations().setHighlightColor(
 return true;
 
 ```
-## [SlowResponses.bambda](https://github.com/PortSwigger/bambdas/blob/main/Logger/View/SlowResponses.bambda)
+## [SlowResponses.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Logger/View/SlowResponses.bambda)
 ### Finds slow responses.
 #### Author: ps-porpoise
 ```java

Proxy/HTTP/README.md → Filter/Proxy/HTTP/README.md

@@ -3,9 +3,9 @@
 This file is auto-generated by BambdaChecker.
 Please do not manually edit this file, or include any changes to this file in pull requests.
 -->
-# Proxy HTTP
+# Proxy HTTP Filter
 Documentation: [Filtering the HTTP history with Bambdas](https://portswigger.net/burp/documentation/desktop/tools/proxy/http-history/bambdas)
-## [AnnotateSoapRequests.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/AnnotateSoapRequests.bambda)
+## [AnnotateSoapRequests.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/AnnotateSoapRequests.bambda)
 ### This script populates elements of the SOAP request in the "Notes" column of Burp's Proxy History. You can expand upon the capture groups by editing the RegEx pattern.
 #### Author: Nick Coblentz (https://github.com/ncoblentz)
 ```java
@@ -35,7 +35,7 @@ if(requestResponse.request().isInScope()
 return true;
 
 ```
-## [DetectSuspiciousJSFunctions.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/DetectSuspiciousJSFunctions.bambda)
+## [DetectSuspiciousJSFunctions.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/DetectSuspiciousJSFunctions.bambda)
 ### Bambda Script to Detect and Highlight Suspicious JavaScript Functions
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -103,7 +103,7 @@ if (foundSuspiciousFunction && enableManualAnnotations) {
 return foundSuspiciousFunction;
 
 ```
-## [EmailHighlighter.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/EmailHighlighter.bambda)
+## [EmailHighlighter.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/EmailHighlighter.bambda)
 ### Script to Filter Out Email Addresses in Responses and Highlight Them if Found
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -150,7 +150,7 @@ if (emailMatcher.find()) {
 return false;
 
 ```
-## [FilterAuthenticated.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/FilterAuthenticated.bambda)
+## [FilterAuthenticated.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/FilterAuthenticated.bambda)
 ### Filters authenticated 200 OK requests in Proxy HTTP history. See four config values below.
 #### Author: joe-ds (https://github.com/joe-ds)
 ```java
@@ -201,7 +201,7 @@ var filterDenyList = mimeType != MimeType.CSS
 return (authHeader || sessionCookie) && (configNoFilter || filterDenyList) && (configNotInScopeOnly || request.isInScope());
 
 ```
-## [FilterAuthenticatedNonBearerTokens.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/FilterAuthenticatedNonBearerTokens.bambda)
+## [FilterAuthenticatedNonBearerTokens.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/FilterAuthenticatedNonBearerTokens.bambda)
 ### Filter when an Authorization header is present, not empty and does not include a traditional bearer token (beginning with "ey")
 #### Author: GangGreenTemperTatum (https://github.com/GangGreenTemperTatum)
 ```java
@@ -239,7 +239,7 @@ var sessionCookie = request.headerValue("Cookie") != null &&
 return !excludeAuthorization || sessionCookie;
 
 ```
-## [FilterHighlightAnnotateOWASP.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/FilterHighlightAnnotateOWASP.bambda)
+## [FilterHighlightAnnotateOWASP.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/FilterHighlightAnnotateOWASP.bambda)
 ### Filters Proxy HTTP history for requests with vulnerable parameters based on the OWASP Top 25 using the parameter arrays written by Tur24Tur / BugBountyzip (https://github.com/BugBountyzip).
 #### Author: Shain Lakin (https://github.com/flamebarke/SkittlesBambda)
 ```java
@@ -301,7 +301,7 @@ if (!foundParams.isEmpty()) {
 return false;
 
 ```
-## [FilterOnCookieValue.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/FilterOnCookieValue.bambda)
+## [FilterOnCookieValue.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/FilterOnCookieValue.bambda)
 ### Filters Proxy HTTP history for requests with a specific Cookie value.
 #### Author: LostCoder
 ```java
@@ -317,21 +317,21 @@ if (requestResponse.request().hasParameter("foo", HttpParameterType.COOKIE)) {
 return false;
 
 ```
-## [FilterOnSpecificHighlightColor.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/FilterOnSpecificHighlightColor.bambda)
+## [FilterOnSpecificHighlightColor.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/FilterOnSpecificHighlightColor.bambda)
 ### Filters requests/responses for specific highlight colors
 #### Author: Nick Coblentz (https://github.com/ncoblentz)
 ```java
 return requestResponse.annotations().highlightColor().equals(HighlightColor.CYAN);
 
 ```
-## [FilterOutOptionsRequests.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/FilterOutOptionsRequests.bambda)
+## [FilterOutOptionsRequests.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/FilterOutOptionsRequests.bambda)
 ### Filter out OPTIONS requests.
 #### Author: Trikster
 ```java
 return !requestResponse.request().method().equals("OPTIONS");
 
 ```
-## [FindJSONresponsesWithIncorrectContentType.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/FindJSONresponsesWithIncorrectContentType.bambda)
+## [FindJSONresponsesWithIncorrectContentType.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/FindJSONresponsesWithIncorrectContentType.bambda)
 ### Finds JSON responses with wrong Content-Type  The content is probably json but the content type is not application/json
 #### Author: albinowax
 ```java
@@ -346,7 +346,7 @@ if (contentType != null && !contentType.contains("application/json")) {
 return false;
 
 ```
-## [GraphQlEndpoints.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/GraphQlEndpoints.bambda)
+## [GraphQlEndpoints.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/GraphQlEndpoints.bambda)
 ### Finds GraphQL endpoints with a 'query' parameter containing a newline.
 #### Author: Gareth Hayes
 ```java
@@ -378,7 +378,7 @@ for (HttpParameterType type : types) {
 return false;
 
 ```
-## [HighlightDeprecatedHTTPMethods.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/HighlightDeprecatedHTTPMethods.bambda)
+## [HighlightDeprecatedHTTPMethods.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/HighlightDeprecatedHTTPMethods.bambda)
 ### Filters and highlights requests using less common or deprecated HTTP methods like TRACE or CONNECT.
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -404,7 +404,7 @@ if (deprecatedMethods.contains(requestMethod)) {
 return false;
 
 ```
-## [HighlightListenerPort.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/HighlightListenerPort.bambda)
+## [HighlightListenerPort.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/HighlightListenerPort.bambda)
 ### Highlight different listener port
 #### Author: Bogo-6 (https://github.com/Bogo-6)
 ```java
@@ -435,7 +435,7 @@ if (manualColorHighlightEnabled && notes != null) {
 return color != null || notes != null;
 
 ```
-## [HighlightResponsesWithDeveloperNotes.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/HighlightResponsesWithDeveloperNotes.bambda)
+## [HighlightResponsesWithDeveloperNotes.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/HighlightResponsesWithDeveloperNotes.bambda)
 ### Bambda Script to Highlight Responses with Developer Notes This script identifies and highlights HTTP responses containing developer notes in HTML and JavaScript files. It highlights HTML responses in green and JavaScript responses in yellow.
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -495,7 +495,7 @@ if (foundDeveloperNotes) {
 return foundDeveloperNotes;
 
 ```
-## [HighlightTrackerServices.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/HighlightTrackerServices.bambda)
+## [HighlightTrackerServices.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/HighlightTrackerServices.bambda)
 ### HighlightTrackerServices: Burp Suite Bambda for Identifying Tracking Services FilterOut Burp Suite history to detect and analyze tracking services from web requests
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -537,7 +537,7 @@ for (HttpParameter param : parameters) {
 return false;
 
 ```
-## [HighlightUnencryptedHTTP.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/HighlightUnencryptedHTTP.bambda)
+## [HighlightUnencryptedHTTP.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/HighlightUnencryptedHTTP.bambda)
 ### Bambda Script to Highlight Unencrypted HTTP Traffic Filters Proxy HTTP history for unencrypted (non-HTTPS) requests.
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -557,7 +557,7 @@ if (requestUrl.startsWith("http://")) {
 return false;
 
 ```
-## [HostnameInResponse.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/HostnameInResponse.bambda)
+## [HostnameInResponse.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/HostnameInResponse.bambda)
 ### Finds responses which contain the hostname.  Useful to identify possible attack surface for host header injection and web cache poisioning attacks.
 #### Author: emanuelduss
 ```java
@@ -566,7 +566,7 @@ var hostname = requestResponse.request().headerValue("Host");
 return requestResponse.hasResponse() && requestResponse.response().contains(hostname, false);
 
 ```
-## [IncorrectContentLength.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/IncorrectContentLength.bambda)
+## [IncorrectContentLength.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/IncorrectContentLength.bambda)
 ### Finds responses whose body length do not match their stated Content-Length header.
 #### Author: albinowax
 ```java
@@ -580,7 +580,7 @@ int declaredContentLength = Integer.parseInt(requestResponse.response().headerVa
 return declaredContentLength != realContentLength;
 
 ```
-## [JSONPForCSPBypass.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/JSONPForCSPBypass.bambda)
+## [JSONPForCSPBypass.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/JSONPForCSPBypass.bambda)
 ### JSONP for CSP bypass.
 #### Author: Gareth Hayes
 ```java
@@ -610,7 +610,7 @@ for (var param : params) {
 return false;
 
 ```
-## [LargeRedirectResponses.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/LargeRedirectResponses.bambda)
+## [LargeRedirectResponses.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/LargeRedirectResponses.bambda)
 ### Flags redirect responses with a body over 1000 bytes.
 #### Author: albinowax
 ```java
@@ -620,15 +620,15 @@ return requestResponse.hasResponse() &&
        requestResponse.response().body().length() > 1000;
 
 ```
-## [MalformedHttpHeader.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/MalformedHttpHeader.bambda)
+## [MalformedHttpHeader.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/MalformedHttpHeader.bambda)
 ### Finds malformed HTTP headers containing spaces within their names.
 #### Author: albinowax
 ```java
 return requestResponse.response().headers().stream()
     .anyMatch(e -> e.name().contains(" "));
 
 ```
-## [MultipleHtmlTags.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/MultipleHtmlTags.bambda)
+## [MultipleHtmlTags.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/MultipleHtmlTags.bambda)
 ### Finds responses with multiple HTML closing tags.
 #### Author: albinowax
 ```java
@@ -638,7 +638,7 @@ return requestResponse.hasResponse() &&
        requestResponse.response().body().getBytes(), "</html>".getBytes()) > 1;
 
 ```
-## [NotesKeywordHighlighter.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/NotesKeywordHighlighter.bambda)
+## [NotesKeywordHighlighter.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/NotesKeywordHighlighter.bambda)
 ### Finds entries with notes containing a specified keyword
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -667,7 +667,7 @@ if (requestResponse.annotations().hasNotes()) {
 return false;
 
 ```
-## [OWASPTop25VulnerableParameters.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/OWASPTop25VulnerableParameters.bambda)
+## [OWASPTop25VulnerableParameters.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/OWASPTop25VulnerableParameters.bambda)
 ### Filters Proxy HTTP history for requests with vulnerable parameters based on the OWASP Top 25
 #### Author: Tur24Tur / BugBountyzip (https://github.com/BugBountyzip)
 ```java
@@ -713,7 +713,7 @@ for (String param : parameterNames) {
 return false;
 
 ```
-## [RedirectedToParameterValue.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/RedirectedToParameterValue.bambda)
+## [RedirectedToParameterValue.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/RedirectedToParameterValue.bambda)
 ### Finds responses which redirect to locations provided as GET parameters.  Useful to identify possible attack surface for open redirects. This can be used for phishing, CSP bypasses or OAuth token stealing.
 #### Author: emanuelduss
 ```java
@@ -738,7 +738,7 @@ if (request.hasParameters() && response.isStatusCodeClass(StatusCodeClass.CLASS_
 return false;
 
 ```
-## [ReflectedParameters.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/ReflectedParameters.bambda)
+## [ReflectedParameters.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/ReflectedParameters.bambda)
 ### Finds responses which reflect parameter names and values.  Useful to identify possible attack surface for XSS, SSTI, header injection, open redirects or similar.
 #### Author: emanuelduss
 ```java
@@ -788,7 +788,7 @@ if (request.hasParameters()){
 return false;
 
 ```
-## [ShowRequestsBetweenDates.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/ShowRequestsBetweenDates.bambda)
+## [ShowRequestsBetweenDates.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/ShowRequestsBetweenDates.bambda)
 ### Shows Requests/Responses before, after, or between specified dates
 #### Author: Nick Coblentz (https://github.com/ncoblentz)
 ```java
@@ -815,7 +815,7 @@ if (requestsBeforeThisDate != null)
 return afterCheck && beforeCheck;
 
 ```
-## [UrlInParameter.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/HTTP/UrlInParameter.bambda)
+## [UrlInParameter.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/HTTP/UrlInParameter.bambda)
 ### Finds requests containing URLs.  Useful to identify possible attack surface for SSRF.
 #### Author: emanuelduss
 ```java

Proxy/WS/README.md → Filter/Proxy/WS/README.md

@@ -3,9 +3,9 @@
 This file is auto-generated by BambdaChecker.
 Please do not manually edit this file, or include any changes to this file in pull requests.
 -->
-# Proxy WebSockets
+# Proxy WebSockets Filter
 Documentation: [Filtering the WebSockets history with Bambdas](https://portswigger.net/burp/documentation/desktop/tools/proxy/websockets-history/bambdas)
-## [ExtractPayloadToNotes.bambda](https://github.com/PortSwigger/bambdas/blob/main/Proxy/WS/ExtractPayloadToNotes.bambda)
+## [ExtractPayloadToNotes.bambda](https://github.com/PortSwigger/bambdas/blob/main/Filter/Proxy/WS/ExtractPayloadToNotes.bambda)
 ### Extracts JSON elements from the WebSocket message and displays it in the "Notes" column of the WebSocket History tab
 #### Author: Nick Coblentz (https://github.com/ncoblentz)
 ```java