Introduction to the Cyber Security Transformation Chef (CSTC)

Introducing the Cyber Security Transformation Chef, or in short CSTC, our BurpSuite plugin with the ability to automate a wide range of transformations when testing a web application or API. Inspired by the GHCQ CyberChef the CSTC brings its functionality into BurpSuite with the ability to define and apply "recipes" to outgoing HTTP requests as well as incoming HTTP responses. The modularity of the CSTC enables expanding the plugin with further tranformations operations with ease. With the high degree of automation that can be achieved by the CSTC, without the need for writing custom scripts, the plugin is a huge win when dealing with pentests of web applications.

This video gives a short introduction on the general idea of the CSTC and how to get it up and running. Furthermore, it walks you through the UI and features of the plugin along the lines of exemplary use-cases.

CSTC GitHub Repository: https://github.com/usdAG/cstc
Other tools developed by usd AG: https://herolab.usd.de/unsere-plattfo...
Blog: https://herolab.usd.de/labnews/