Create HighlightResponsesWithDeveloperNotes

* This script identifies and highlights HTTP responses containing developer notes in HTML, JavaScript, or other files. * It differentiates the types of files and highlights them accordingly: green for HTML, yellow for JavaScript, and blue for other types.
PortSwigger · Dec 7, 2023 · f97407b · f97407b
1 parent 3deb882
commit f97407b
Showing 1 changed file with 61 additions and 0 deletions.
diff --git a/Proxy/HTTP/HighlightResponsesWithDeveloperNotes b/Proxy/HTTP/HighlightResponsesWithDeveloperNotes
@@ -0,0 +1,61 @@
+/**
+ * Bambda Script to Highlight Responses with Developer Notes
+ * This script identifies and highlights HTTP responses containing developer notes in HTML, JavaScript, or other files.
+ * It differentiates the types of files and highlights them accordingly: green for HTML, yellow for JavaScript, and blue for other types.
+ * Author: Tur24Tur
+ * GitHub: @BugBountyzip (https://github.com/BugBountyzip)
+ **/
+
+boolean manualColorHighlightEnabled = true;
+Set<String> ignoredExtensions = Set.of("mp4", "mp3", "png", "gif", "jpg", "jpeg", "css", "pdf");
+
+if (!requestResponse.hasResponse()) {
+    return false;
+}
+
+String requestUrl = requestResponse.request().url().toString();
+String fileExtension = requestUrl.substring(requestUrl.lastIndexOf('.') + 1).toLowerCase();
+
+if (ignoredExtensions.contains(fileExtension)) {
+    return false;
+}
+
+String contentType = requestResponse.response().headerValue("Content-Type");
+boolean isHtml = contentType != null && contentType.toLowerCase().contains("text/html");
+boolean isJavaScript = contentType != null && contentType.toLowerCase().contains("application/javascript");
+boolean foundDeveloperNotes = false;
+StringBuilder notesBuilder = new StringBuilder();
+HighlightColor highlightColor = HighlightColor.BLUE; // Default color
+
+if (isHtml || fileExtension.equals("html") || fileExtension.equals("htm")) {
+    highlightColor = HighlightColor.GREEN;
+} else if (isJavaScript || fileExtension.equals("js")) {
+    highlightColor = HighlightColor.YELLOW;
+}
+
+String responseBody = requestResponse.response().bodyToString();
+String[] commentPatterns = {"<!--(.*?)-->", "/[*][*](.*?)[*][*]/"};
+
+for (String pattern : commentPatterns) {
+    Pattern regexPattern = Pattern.compile(pattern, Pattern.DOTALL);
+    Matcher matcher = regexPattern.matcher(responseBody);
+
+    while (matcher.find()) {
+        foundDeveloperNotes = true;
+        if (manualColorHighlightEnabled) {
+            if (notesBuilder.length() > 0) {
+                notesBuilder.append("; ");
+            }
+            notesBuilder.append("Developer note found: ").append(matcher.group());
+        }
+    }
+}
+
+if (foundDeveloperNotes) {
+    requestResponse.annotations().setHighlightColor(highlightColor);
+    if (manualColorHighlightEnabled && notesBuilder.length() > 0) {
+        requestResponse.annotations().setNotes(notesBuilder.toString());
+    }
+}
+
+return foundDeveloperNotes;