Encode Authorization Header Plugin for Burp Suite

This Burp Suite plugin modifies a proxied request to Base-64 encode the Authorization header. It is written completely in Java and takes advantage of the Burp 1.5.x Extender API.

The purpose of this extension is to allow you to use a tool such as SQLMap to attack the username and/or password fields in the Authorization header, which is Base-64 encoded (SQLMap will not Base-64 encode its payloads). By proxying the request through Burp Suite, and using this plugin, we can achieve the same result.

I'd be interested in any feedback, please contact me.

Download binary Source code to be released at a later date

Burp Suite 1.5.x required for use.


Creative Commons License
DOM-XSS Scanner Checks by August Detlefsen is licensed under a
Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.