mcp

package
v0.1.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 22, 2026 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// ClientName identifies sectool to the MCP server.
	ClientName = "sectool"

	// ProtocolVersion is the MCP protocol version we support.
	ProtocolVersion = "2024-11-05"

	// DefaultDialTimeout is the timeout for establishing a connection.
	DefaultDialTimeout = 10 * time.Second
)
View Source 
const (
	RuleTypeRequestHeader  = "request_header"
	RuleTypeRequestBody    = "request_body"
	RuleTypeResponseHeader = "response_header"
	RuleTypeResponseBody   = "response_body"
)

Rule type constants for HTTP match/replace rules.

View Source 
const (
	RuleCategoryRegex   = "regex"
	RuleCategoryLiteral = "literal"
)

Rule category constants.

Variables

View Source 
var ErrClientClosed = errors.New("client closed")

ErrClientClosed is returned when an operation is attempted on a closed client.

View Source 
var ErrConfigEditingDisabled = errors.New("config editing disabled in Burp MCP settings")

ErrConfigEditingDisabled is returned when Burp's MCP config editing is not enabled.

View Source 
var ErrNotConnected = errors.New("not connected to Burp MCP")

ErrNotConnected is returned when an operation is attempted without a connection.

Functions

This section is empty.

Types

type BurpClient 

type BurpClient struct {
	// contains filtered or unexported fields
}

BurpClient wraps the mcp-go SSE client to provide Burp-specific functionality. Thread-safe for concurrent use. All MCP operations are serialized via mutex.

func New 

func New(url string, opts ...Option) *BurpClient

New creates a new BurpClient and starts the health monitoring loop. Call Connect to establish the connection, or let operations connect lazily.

func (*BurpClient) Close 

func (c *BurpClient) Close() error

Close closes the client and stops the health loop. Safe to call multiple times.

func (*BurpClient) Connect 

func (c *BurpClient) Connect(ctx context.Context) error

Connect establishes the SSE connection and performs the MCP handshake. Safe to call multiple times - returns immediately if already connected.

func (*BurpClient) CreateRepeaterTab 

func (c *BurpClient) CreateRepeaterTab(ctx context.Context, params RepeaterTabParams) error

CreateRepeaterTab creates a new Repeater tab in Burp with the specified request.

func (*BurpClient) GetActiveEditorContents 

func (c *BurpClient) GetActiveEditorContents(ctx context.Context) (string, error)

GetActiveEditorContents retrieves the contents of the user's active message editor.

func (*BurpClient) GetMatchReplaceRules 

func (c *BurpClient) GetMatchReplaceRules(ctx context.Context) ([]MatchReplaceRule, error)

GetMatchReplaceRules retrieves HTTP match/replace rules from project options.

func (*BurpClient) GetProxyHistory 

func (c *BurpClient) GetProxyHistory(ctx context.Context, count, offset int) ([]ProxyHistoryEntry, error)

GetProxyHistory retrieves proxy HTTP history entries. Returns up to count entries starting from offset.

func (*BurpClient) GetProxyHistoryRaw 

func (c *BurpClient) GetProxyHistoryRaw(ctx context.Context, count, offset int) (string, error)

GetProxyHistoryRaw retrieves proxy HTTP history as raw text (for debugging).

func (*BurpClient) GetProxyHistoryRegex 

func (c *BurpClient) GetProxyHistoryRegex(ctx context.Context, regex string, count, offset int) ([]ProxyHistoryEntry, error)

GetProxyHistoryRegex retrieves filtered proxy HTTP history entries. The regex uses Java regex syntax and matches against full request+response.

func (*BurpClient) GetProxyWebsocketHistory 

func (c *BurpClient) GetProxyWebsocketHistory(ctx context.Context, count, offset int) ([]WebSocketHistoryEntry, error)

GetProxyWebsocketHistory retrieves proxy WebSocket history entries.

func (*BurpClient) GetProxyWebsocketHistoryRaw 

func (c *BurpClient) GetProxyWebsocketHistoryRaw(ctx context.Context, count, offset int) (string, error)

GetProxyWebsocketHistoryRaw retrieves proxy WebSocket history as raw text.

func (*BurpClient) GetProxyWebsocketHistoryRegex 

func (c *BurpClient) GetProxyWebsocketHistoryRegex(ctx context.Context, regex string, count, offset int) ([]WebSocketHistoryEntry, error)

GetProxyWebsocketHistoryRegex retrieves filtered proxy WebSocket history entries.

func (*BurpClient) GetWSMatchReplaceRules 

func (c *BurpClient) GetWSMatchReplaceRules(ctx context.Context) ([]MatchReplaceRule, error)

GetWSMatchReplaceRules retrieves WebSocket match/replace rules from project options.

func (*BurpClient) IsConnected 

func (c *BurpClient) IsConnected() bool

IsConnected returns true if connected to the MCP server.

func (*BurpClient) OnConnectionLost 

func (c *BurpClient) OnConnectionLost(handler func(error))

OnConnectionLost sets a handler to be called when the connection is lost. Can be called at any time. The handler is called asynchronously.

func (*BurpClient) SendHTTP1Request 

func (c *BurpClient) SendHTTP1Request(ctx context.Context, params SendRequestParams) (string, error)

SendHTTP1Request sends an HTTP/1.1 request through Burp and returns the response. Note: This bypasses the proxy (direct from Burp) and does NOT appear in proxy history.

func (*BurpClient) SendHTTP2Request 

func (c *BurpClient) SendHTTP2Request(ctx context.Context, params SendHTTP2RequestParams) (string, error)

SendHTTP2Request sends an HTTP/2 request through Burp and returns the response. Note: This bypasses the proxy (direct from Burp) and does NOT appear in proxy history.

func (*BurpClient) SendToIntruder 

func (c *BurpClient) SendToIntruder(ctx context.Context, params IntruderParams) error

SendToIntruder creates a new Intruder tab with the specified HTTP request.

func (*BurpClient) SetActiveEditorContents 

func (c *BurpClient) SetActiveEditorContents(ctx context.Context, text string) error

SetActiveEditorContents sets the contents of the user's active message editor.

func (*BurpClient) SetInterceptState 

func (c *BurpClient) SetInterceptState(ctx context.Context, intercepting bool) error

SetInterceptState enables or disables proxy intercept mode.

func (*BurpClient) SetMatchReplaceRules 

func (c *BurpClient) SetMatchReplaceRules(ctx context.Context, rules []MatchReplaceRule) error

SetMatchReplaceRules sets HTTP match/replace rules in project options.

func (*BurpClient) SetTaskExecutionEngineState 

func (c *BurpClient) SetTaskExecutionEngineState(ctx context.Context, running bool) error

SetTaskExecutionEngineState starts or stops Burp's task execution engine. When running=true, tasks will execute; when running=false, tasks are paused.

func (*BurpClient) SetWSMatchReplaceRules 

func (c *BurpClient) SetWSMatchReplaceRules(ctx context.Context, rules []MatchReplaceRule) error

SetWSMatchReplaceRules sets WebSocket match/replace rules in project options.

func (*BurpClient) URL 

func (c *BurpClient) URL() string

type IntruderParams 

type IntruderParams struct {
	TabName        string
	Content        string
	TargetHostname string
	TargetPort     int
	UsesHTTPS      bool
}

IntruderParams are the parameters for send_to_intruder.

type MatchReplaceRule 

type MatchReplaceRule struct {
	Category      string `json:"category"` // "regex" or "literal"
	Comment       string `json:"comment"`  // stores sectool ID and optional label
	Enabled       bool   `json:"enabled"`
	RuleType      string `json:"rule_type"`
	StringMatch   string `json:"string_match,omitempty"`
	StringReplace string `json:"string_replace,omitempty"`
}

MatchReplaceRule represents a Burp proxy match and replace rule. HTTP rules use RuleType values: request_header, request_body, response_header, response_body WebSocket rules use RuleType values: client_to_server, server_to_client, both_directions

type Option 

type Option func(*BurpClient)

Option configures the BurpClient.

func WithHTTPClient 

func WithHTTPClient(httpClient *http.Client) Option

WithHTTPClient sets a custom HTTP client for the connection.

func WithHealthCheckInterval added in v0.1.6 

func WithHealthCheckInterval(d time.Duration) Option

WithHealthCheckInterval overrides the default health check interval. Set to 0 to disable the health check loop entirely.

type ProxyHistoryEntry 

type ProxyHistoryEntry struct {
	Request  string `json:"request"`
	Response string `json:"response"`
	Notes    string `json:"notes"`
}

ProxyHistoryEntry represents a single NDJSON entry from get_proxy_http_history.

type RepeaterTabParams 

type RepeaterTabParams struct {
	TabName        string
	Content        string
	TargetHostname string
	TargetPort     int
	UsesHTTPS      bool
}

RepeaterTabParams are the parameters for create_repeater_tab.

type SendHTTP2RequestParams 

type SendHTTP2RequestParams struct {
	PseudoHeaders  map[string]string // e.g. {":method": "GET", ":path": "/", ":authority": "example.com"}
	Headers        map[string]string // e.g. {"User-Agent": "sectool"}
	RequestBody    string
	TargetHostname string
	TargetPort     int
	UsesHTTPS      bool
}

SendHTTP2RequestParams are the parameters for send_http2_request. HTTP/2 uses pseudo-headers (:method, :path, :authority, :scheme) and regular headers.

type SendRequestParams 

type SendRequestParams struct {
	Content        string
	TargetHostname string
	TargetPort     int
	UsesHTTPS      bool
}

SendRequestParams are the parameters for send_http1_request.

type WebSocketHistoryEntry 

type WebSocketHistoryEntry struct {
	Direction string `json:"direction"`
	Payload   string `json:"payload"`
	Opcode    string `json:"opcode,omitempty"`
}

WebSocketHistoryEntry represents a single entry from proxy websocket history.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.