Burp.js

<h1 align="center">burp.js by <a href="https://turingsecure.com" target="_blank">turingsecure.</a></h1> <p> <img alt="Version" src="https://img.shields.io/badge/version-0.1.2-blue.svg?cacheSeconds=2592000" /> <a href="#" target="_blank"> <img alt="License: MIT" src="https://img.shields.io/badge/License-MIT-yellow.svg" /> </a> </p>

burp.js is a client side parser for Burp XML output files.

Installation

Install the @turingsecure/burp.js package:

# use yarn or npm
yarn add @turingsecure/burp.js

Import the library to use it in your code:

import { BurpParser } from "@turingsecure/burp.js";

Usage

To parse an XML file, you just have to execute the imported function.

const xml = "burpscan xml";
const parsed = BurpParser(xml);

Note: If the requests and responses are base64 encoded, they will be automatically decoded

API

The BurpParser function returns an array of issues.

If you do not want decoded requests and responses, you can pass a flag:

const xml = "burpscan xml";
const parsed = BurpParser(xml, false);

An issue object has the following properties:

| Property | Type | | ---------------------------- | ------------------ | | serialNumber | string | | name | string | | type | string | | host | string | | path | string | | location | string | | severity | string | | confidence | string | | issueBackground | string | | remediationBackground | string | | vulnerabilityClassifications | string | | issueDetail | string | | references | string | | requestresponse | RequestResponse[ ] |

requestresponse is an array of RequestResponse objects with the following properties:

| Property | Type | | ------------------ | ------ | | request | string | | response | string | | responseRedirected | string |

Contributing

Contributions, issues and feature requests are welcome. Feel free to check out the issues page if you want to contribute.

License

Copyright © 2025 turingsecure. This project is MIT licensed.