Belch

Documentation

Belch is a binary protocol pen-testing tool. It is used to aid in automation of testing AMF and Java-Serialization applications.

Belch performs on-the-fly transformation of binary data into a human-readable XML format. It was tested successfully against AMF version 3 and Java Serialization applications. Belch can be used as a translation peer for any automatic scanner, bringing automated testing to binary communication. Belch has been tested with various scanners such as BurpSuite, Acunetix, AppScan, Sqlmap, etc.
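The translation idea described above, as an added example (this is not Belch's code and not its XML schema): a Java serialization stream of top-level TC_STRING records is turned into XML, edited as text, and re-encoded with the length prefix recomputed, which is the step a text-only scanner cannot do on raw bytes. The function names, the <stream>/<string> element names and the sample bytes are assumptions made for this illustration.

```python
import struct
import xml.etree.ElementTree as ET

# Constants from the Java Object Serialization Stream Protocol.
STREAM_MAGIC, STREAM_VERSION, TC_STRING = 0xACED, 0x0005, 0x74

# Constructed sample: the bytes writeObject("alice") puts on the wire.
SAMPLE = b"\xac\xed\x00\x05" + b"\x74\x00\x05" + b"alice"

def stream_to_xml(data: bytes) -> str:
    """Binary -> XML. Handles only top-level TC_STRING records."""
    if len(data) < 4 or struct.unpack_from(">HH", data) != (STREAM_MAGIC, STREAM_VERSION):
        raise ValueError("not a Java serialization stream")
    root, pos = ET.Element("stream"), 4
    while pos < len(data):
        if data[pos] != TC_STRING:
            raise ValueError(f"unsupported type code 0x{data[pos]:02x} at offset {pos}")
        if pos + 3 > len(data):
            raise ValueError("truncated length field")
        (length,) = struct.unpack_from(">H", data, pos + 1)
        raw = data[pos + 3 : pos + 3 + length]
        if len(raw) != length:
            raise ValueError("length prefix exceeds remaining bytes")
        # Assumption: plain UTF-8; Java's modified UTF-8 differs only for
        # NUL and supplementary characters.
        ET.SubElement(root, "string").text = raw.decode("utf-8")
        pos += 3 + length
    return ET.tostring(root, encoding="unicode")

def xml_to_stream(xml_text: str) -> bytes:
    """XML -> binary, recomputing every length prefix from the edited text."""
    out = struct.pack(">HH", STREAM_MAGIC, STREAM_VERSION)
    for node in ET.fromstring(xml_text).iter("string"):
        raw = (node.text or "").encode("utf-8")
        if len(raw) > 0xFFFF:
            raise ValueError("value too long for TC_STRING's 16-bit length")
        out += struct.pack(">BH", TC_STRING, len(raw)) + raw
    return out

if __name__ == "__main__":
    xml_text = stream_to_xml(SAMPLE)
    print(xml_text)
    edited = xml_text.replace("alice", "alice-and-bob")  # a text-only edit
    print(xml_to_stream(edited).hex())
```

Editing the five-byte value in the raw stream without touching the 00 05 prefix would leave a record the receiving deserializer cannot parse; going through the XML form keeps the prefix and the value consistent.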

 

Downloading

Click here to download the latest version of Belch (1.0.13).

 

Installation

Belch acts as an add-on to Burp Suite proxy.

1. Download the latest version of Belch.

2. Update the Burp Suite jar in the /lib/ folder to the latest version.

3. Run Belch.bat (Windows) or Belch.sh (*nix).

4. Configure Burp with 2 listeners (one should redirect to the second).

5. Enjoy Belch!

 

For further documentation and updates, take a look at the left toolbar! For the demonstration video, click here!

 

Chilik Tamir and the AppSec Labs team