mirror of
https://github.com/th30d4y/BURP-AI.git
synced 2026-05-26 11:35:52 +00:00
144 lines
4.6 KiB
Markdown
# CHANGELOG

All notable changes to BurpAI will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [1.0] - 2026-03-23

### ✨ Added

#### Core Features
- **AI-Powered Analysis:** Integration with multiple AI models (Kimi, DeepSeek, GLM, Qwen, LLaMA, Mistral, etc.)
- **Chat Interface:** Interactive chat display with message history and timestamps
- **HTTP Capture:** Real-time HTTP request/response capture via IHttpListener
- **Context Menu Integration:** Right-click "Send to BurpAI" functionality in Proxy, Repeater, and Target tabs
- **Native Repeater:** Built-in request/response editor using Burp's native message editors
- **History Table:** Complete request history with method, host, path, and status columns

#### Security & Configuration
- **API Key Management:** First-load dialog for API key configuration
- **Persistent Storage:** Secure configuration storage in `~/.burpaai/config.json`
- **Model Selection:** Dropdown to switch between 11 supported AI models
- **Auto-Analysis:** Optional automatic analysis checkbox for captured requests

#### UI/UX
- **Professional Dark Theme:** Dark mode interface matching Burp Suite aesthetics
- **Responsive Layout:** BorderLayout with horizontal/vertical split panels
- **Toolbar:** Compact toolbar with API key input, model selector, and status indicator
- **Split Panes:** Resizable panels for chat, history, and repeater sections

#### Technical
- **Threading:** Non-blocking async operations using Java threading
- **Error Handling:** Comprehensive try-catch blocks with detailed logging
- **Jython 2.7 Compatible:** Full compatibility with Jython 2.7 in Burp Suite
- **Memory Optimized:** Configurable history limit (default: 1000 entries)
- **Clean Imports:** Explicit Java/Swing imports without generic `java.` prefix

### 🔧 Fixed

- Fixed HTTP capture not triggering (IHttpListener properly registered)
- Fixed chat display null pointer exceptions
- Fixed Jython module caching issues with defensive `getattr()` wrappers
- Fixed API key loading on first run
- Fixed message editor initialization errors

### 📚 Documentation

- `README.md` - Comprehensive setup and usage guide
- `DISCLAIMER.md` - Legal notice and warranty disclaimer
- `SECURITY.md` - Security policy and vulnerability reporting
- `COLLABORATION.md` - Contribution guidelines
- `CHANGELOG.md` - This file

### 🔐 Security

- No known vulnerabilities at release
- All third-party dependencies reviewed
- HTTPS-only API communication
- Input validation and sanitization
- No telemetry or external tracking

### 📦 Dependencies

- Python 2.7+ (via Jython)
- Burp Suite API (IBurpExtender, ITab, IHttpListener, IContextMenuFactory)
- Java 8+ (Swing, AWT components)
- urllib2/urllib (HTTP requests)

### 🚀 Known Limitations

- Jython 2.7 limits some Python 3 features
- AI responses depend on selected model quality
- API rate limits apply (model/vendor specific)
- Local storage of chat history (not encrypted)
- Single API key per extension instance

### 🎯 Future Roadmap

- [ ] Multi-API support (rotate between providers)
- [ ] Encrypted local storage for chat history
- [ ] Export analysis reports (PDF, JSON)
- [ ] Custom prompt templates
- [ ] Multi-language support
- [ ] Machine learning for pattern recognition
- [ ] Integration with other Burp plugins
- [ ] Web UI alternative

### 💻 Installation

1. Download `burpaai.py`
2. In Burp Suite: Extensions → Add → Select file
3. On first load: Enter your AI API key
4. Start analyzing requests!

### 🙏 Contributors

Initial release developed with focus on:
- Production-grade code quality
- Jython 2.7 compatibility
- Professional UI/UX
- Security best practices
- Comprehensive documentation

---

## Versioning

- **1.0** (March 23, 2026) - Initial public release

### Semantic Versioning

- **MAJOR** (1.0.0): Breaking changes or major new features
- **MINOR** (1.0.0): New features, backward compatible
- **PATCH** (1.0.1): Bug fixes, no new features

### Release Schedule

- Security patches: As needed
- Minor updates: Every 2-4 weeks
- Major updates: As warranted by community feedback

---

## How to Report Issues

Found a bug? Please report it on [GitHub Issues](https://github.com/Stalin-143/BURP-AI/issues).

Include:
- BurpAI version
- Burp Suite version
- OS and Python version
- Steps to reproduce
- Error logs/stacktrace

## Security Updates

Security vulnerabilities should be reported privately. See [SECURITY.md](SECURITY.md) for details.

---

**Last Updated:** March 23, 2026
**Current Stable Release:** 1.0