This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate. The objective is to simplify as much as possible the process of setting up and maintaining the server.
Delegate a subdomain to your soon to be burp collaborator server IP address. At the minimum you'll need a NS record for the subdomain to be used (e.g. burp.example.com) pointing to your new server's A record:
burp.example.com IN NS burpserver.example.com
burpserver.example.com IN A 18.104.22.168
Check https://portswigger.net/burp/documentation/collaborator/deploying#dns-configuration for further info.
./burp/pkg/burp.jar(make sure the name is exactly
burp.jar, and it is the actual file not a link)
./init.sh burp.example.com 22.214.171.124
This will start the environment for the subdomain
burp.example.com, creating a wildcard certificate as
I'm using an ugly hack on the certbot-dns-cloudflare plugin from certbot, where it just runs a local dnsmasq with the required records, and makes all of this automagically happen.
If everything is OK, burp will start with the following message:
Burp is now running with the letsencrypt certificate for domain *.burp.example.com
You can check by running
docker ps, and going to burp, and pointing the collaborator configuration to your new server.
Keep it mind that this configuration configures the polling server on port 9443.
The init.sh script will be renamed and disabled, so no accidents may happen.
./certbot/certificaterenewal.sh. When run, it renews the certificate if it expires in 30 days or less;
docker restart burp
Author: Bruno Morisson