PortSwigger · BugBountyzip · Dec 5, 2023 · Dec 5, 2023 · Dec 6, 2023 · Dec 6, 2023
diff --git a/Proxy/HTTP/DetectSuspiciousJSFunctions.bambda b/Proxy/HTTP/DetectSuspiciousJSFunctions.bambda
@@ -0,0 +1,72 @@
+/**
+ * Bambda Script to Detect and Highlight Suspicious JavaScript Functions
+ * It identifies a range of suspicious JavaScript functions often associated with unsafe practices or vulnerabilities, such as 'eval()', 'setTimeout()', and 'document.write()'.
+ * Upon detection, responses are highlighted in red, and notes are appended to indicate the specific functions found.
+ * Author: Tur24Tur
+ * GitHub: @BugBountyzip (https://github.com/BugBountyzip)
+ **/
+
+boolean manualColorHighlightEnabled = true;
+
+// Ensure there is a response and it is not null
+if (!requestResponse.hasResponse() || requestResponse.response() == null) {
+    return false;
+}
+
+// Check the Content-Type header
+String contentType = requestResponse.response().headerValue("Content-Type");
+if (contentType == null || !contentType.toLowerCase().contains("application/javascript")) {
+    return false;
+}
+
+String responseBody = requestResponse.response().bodyToString();
+boolean foundSuspiciousFunction = false;
+StringBuilder notesBuilder = new StringBuilder();
+
+// Expanded list of suspicious JavaScript functions
+String[] suspiciousFunctions = {
+    "eval\\(",                 // Executes a string as code
+    "setTimeout\\(",           // Can execute strings as code if used improperly
+    "setInterval\\(",          // Similar to setTimeout, can execute strings as code
+    "document\\.write\\(",     // Can overwrite entire document
+    "innerHTML",               // Can introduce XSS vulnerabilities if used with untrusted content
+    "document\\.createElement\\(",  // Safe, but part of dynamic content generation which can be risky
+    "document\\.execCommand\\(",   // Deprecated, was used to execute certain commands
+    "document\\.domain",       // Altering the document.domain can be risky
+    "window\\.location\\.href",    // Can be used for redirects which might be used in phishing
+    "document\\.cookie",       // Accessing cookies can be sensitive
+    "document\\.URL",          // Can be used to extract URL information
+    "document\\.referrer",     // Can be used to check where the request came from
+    "window\\.open\\(",        // Opening a new window or tab, potential for misuse
+    "document\\.body\\.innerHTML", // Specific case of innerHTML, also risky
+    "element\\.setAttribute\\(",   // If used improperly, can set risky attributes like 'onclick'
+    "element\\.outerHTML",         // Similar risks to innerHTML
+    "XMLHttpRequest\\(",           // Can be used for sending/receiving data, potential for misuse
+    "fetch\\(",                    // Modern way to make network requests, potential for misuse
+    "navigator\\.sendBeacon\\("    // Used to send analytics and tracking data
+};
+
+for (String function : suspiciousFunctions) {
+    Pattern pattern = Pattern.compile(function);
+    Matcher matcher = pattern.matcher(responseBody);
+    if (matcher.find()) {
+        foundSuspiciousFunction = true;
+        if (manualColorHighlightEnabled) {
+            // Append detected functions to notes
+            if (notesBuilder.length() > 0) {
+                notesBuilder.append(", ");
+            }
+            notesBuilder.append(function.split("\\\\")[0]); // Include only the function name in the note
+        }
+    }
+}
+
+if (foundSuspiciousFunction) {
+    // Set the highlight color to RED and add notes
+    requestResponse.annotations().setHighlightColor(HighlightColor.RED);
+    if (manualColorHighlightEnabled && notesBuilder.length() > 0) {
+        requestResponse.annotations().setNotes("Suspicious JS functions detected: " + notesBuilder.toString());
+    }
+}
+
+return foundSuspiciousFunction;
diff --git a/Proxy/HTTP/EmailHighlighter.bambda b/Proxy/HTTP/EmailHighlighter.bambda
@@ -0,0 +1,47 @@
+/**
+ * Script to Filter Out Email Addresses in Responses and Highlight Them if Found
+ * Author: Tur24Tur
+ * GitHub: @BugBountyzip (https://github.com/BugBountyzip)
+ **/
+
+boolean manualColorHighlightEnabled = true;
+
+// Set of file extensions to ignore
+Set<String> ignoredExtensions = Set.of("mp4", "mp3", "png", "gif", "jpg", "jpeg", "css", "pdf");
+
+if (!requestResponse.hasResponse()) {
+    return false;
+}
+
+// Retrieve the URL from the request part of the requestResponse object
+String requestUrl = requestResponse.request().url().toString();
+
+
+for (String ext : ignoredExtensions) {
+    // Check if the URL ends with any of the ignored file extensions
+    if (requestUrl.toLowerCase().endsWith("." + ext)) {
+        return false; 
+    }
+}
+
+// Extract the response body as a string and remove any leading and trailing whitespace
+var body = requestResponse.response().bodyToString().trim();
+
+
+String emailRegexPattern = "\\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.(?!jpeg|png|jpg|gif|webp)[A-Z|a-z]{2,7}\\b";
+Pattern emailPattern = Pattern.compile(emailRegexPattern);
+
+// Create a matcher to find email addresses in the response body
+Matcher emailMatcher = emailPattern.matcher(body);
+if (emailMatcher.find()) { 
+    if (manualColorHighlightEnabled) { 
+
+        requestResponse.annotations().setHighlightColor(HighlightColor.GREEN);
+        // Add a note indicating that an email was found
+        requestResponse.annotations().setNotes("Email Found!: " + emailMatcher.group());
+    }
+    return true; 
+}
+
+
+return false;
diff --git a/Proxy/HTTP/HighlightDeprecatedHTTPMethods.bambda b/Proxy/HTTP/HighlightDeprecatedHTTPMethods.bambda
@@ -0,0 +1,27 @@
+/**
+ * Bambda Script to Filter and Highlight Requests Using Deprecated HTTP Methods
+ * Highlights requests using less common or deprecated HTTP methods like TRACE or CONNECT.
+ * Author: Tur24Tur
+ * GitHub: @BugBountyzip (https://github.com/BugBountyzip)
+ **/
+
+boolean manualColorHighlightEnabled = true;
+
+// Define the set of deprecated or less common HTTP methods
+Set<String> deprecatedMethods = Set.of("TRACE", "CONNECT");
+
+String requestMethod = requestResponse.request().method();
+
+// Check if the request method is in the set of deprecated methods
+if (deprecatedMethods.contains(requestMethod)) {
+    if (manualColorHighlightEnabled) {
+        // Set the highlight color to RED
+        requestResponse.annotations().setHighlightColor(HighlightColor.RED);
+
+        // Optionally, add a note to the request/response
+        requestResponse.annotations().setNotes("Deprecated method used: " + requestMethod);
+    }
+    return true;
+}
+
+return false;
diff --git a/Proxy/HTTP/HighlightResponsesWithDeveloperNotes b/Proxy/HTTP/HighlightResponsesWithDeveloperNotes
@@ -0,0 +1,61 @@
+/**
+ * Bambda Script to Highlight Responses with Developer Notes
+ * This script identifies and highlights HTTP responses containing developer notes in HTML, JavaScript, or other files.
+ * It differentiates the types of files and highlights them accordingly: green for HTML, yellow for JavaScript, and blue for other types.
+ * Author: Tur24Tur
+ * GitHub: @BugBountyzip (https://github.com/BugBountyzip)
+ **/
+
+boolean manualColorHighlightEnabled = true;
+Set<String> ignoredExtensions = Set.of("mp4", "mp3", "png", "gif", "jpg", "jpeg", "css", "pdf");
+
+if (!requestResponse.hasResponse()) {
+    return false;
+}
+
+String requestUrl = requestResponse.request().url().toString();
+String fileExtension = requestUrl.substring(requestUrl.lastIndexOf('.') + 1).toLowerCase();
+
+if (ignoredExtensions.contains(fileExtension)) {
+    return false;
+}
+
+String contentType = requestResponse.response().headerValue("Content-Type");
+boolean isHtml = contentType != null && contentType.toLowerCase().contains("text/html");
+boolean isJavaScript = contentType != null && contentType.toLowerCase().contains("application/javascript");
+boolean foundDeveloperNotes = false;
+StringBuilder notesBuilder = new StringBuilder();
+HighlightColor highlightColor = HighlightColor.BLUE; // Default color
+
+if (isHtml || fileExtension.equals("html") || fileExtension.equals("htm")) {
+    highlightColor = HighlightColor.GREEN;
+} else if (isJavaScript || fileExtension.equals("js")) {
+    highlightColor = HighlightColor.YELLOW;
+}
+
+String responseBody = requestResponse.response().bodyToString();
+String[] commentPatterns = {"<!--(.*?)-->", "/[*][*](.*?)[*][*]/"};
+
+for (String pattern : commentPatterns) {
+    Pattern regexPattern = Pattern.compile(pattern, Pattern.DOTALL);
+    Matcher matcher = regexPattern.matcher(responseBody);
+
+    while (matcher.find()) {
+        foundDeveloperNotes = true;
+        if (manualColorHighlightEnabled) {
+            if (notesBuilder.length() > 0) {
+                notesBuilder.append("; ");
+            }
+            notesBuilder.append("Developer note found: ").append(matcher.group());
+        }
+    }
+}
+
+if (foundDeveloperNotes) {
+    requestResponse.annotations().setHighlightColor(highlightColor);
+    if (manualColorHighlightEnabled && notesBuilder.length() > 0) {
+        requestResponse.annotations().setNotes(notesBuilder.toString());
+    }
+}
+
+return foundDeveloperNotes;