Skip to content

sandumjacob/burp-garak

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
.github/workflows
.github/workflows
 
 
META-INF
META-INF
 
 
burp-garak
burp-garak
 
 
utils
utils
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

burp-garak

Burpsuite Extension that lets you test LLMs with the Garak REST generator using the Burp UI

This version currently only generates the garak.json file from a Burpsuite request and response that can be used with the REST generator in Garak.

How it works

Uses the Burpsuite Montoya API to extend Burpsuite.

Uses the Garak REST Generator: https://reference.garak.ai/en/latest/garak.generators.rest.html

Usage

Load the extension into Burpsuite with the built JAR file. You also need to add org.json JAR file to Burpsuite.

In intercepted requests and repeater, there will be a context menu under extensions. You can use this context menu to send request-responses to the Garak extension tab in Burpsuite.

Screenshot_20241223_095406

In the Garak extension tab, you can then export a garak.json file using the request-response you added. image

garak --model_type rest -G /tmp/garak.json

Builds are in the actions tab. Import the built Jar into Burp Extender

Dependencies

org.json:json

TODO

  • Improve UI
    • Intruder-esque selection of relevant JSON field for Garak in request and response
  • Run Garak from Burp
  • Show Garak output in Burp
  • Add Maven tests
  • Publish to Burp extensions

Building

The Java project is in

burp-garak
burp-garak/pom.xml

Used JDK 22

About

Burpsuite Extension that lets you test LLMs with the Garak REST generator using the Burp UI

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages