ReconAIzer is a Burp Suite extension designed for bug bounty hunters, automating reconnaissance tasks by integrating OpenAI's GPT capabilities. It helps discover endpoints, parameters, URLs, and subdomains, streamlining the vulnerability identification process.

How It Works

This Jython extension integrates with Burp Suite, adding a contextual menu and a dedicated tab for results. It leverages OpenAI's GPT models to process web application data, identifying potential areas of interest for security researchers. The core advantage lies in automating repetitive recon tasks, allowing hunters to focus on analysis and exploitation.

Quick Start & Requirements

• Installation: Requires downloading the Jython Standalone Jar, configuring it in Burp Suite's "Extensions settings," and then adding the ReconAIzer.py extension file via the "Extensions" tab.
• Prerequisites: Burp Suite, Jython Standalone Jar, and an OpenAI API key.
• Configuration: The OpenAI API key must be entered in the "Config" tab under the "ReconAIzer" tab.
• Documentation: https://www.jython.org/download for Jython, https://platform.openai.com/account/api-keys for API keys.

Highlighted Details

• Automates endpoint, parameter, URL, and subdomain discovery.
• Integrates OpenAI GPT for enhanced recon capabilities.
• Adds contextual menus and a dedicated results tab within Burp Suite.

Maintenance & Community

The project encourages prompt improvements and feature suggestions from users. No specific community channels or contributor information are detailed in the README.

Licensing & Compatibility

The README does not specify a license. Compatibility is limited to Burp Suite with Jython integration.

Limitations & Caveats

The extension's functionality is dependent on the availability and performance of OpenAI's API. The README does not mention specific performance benchmarks or known limitations of the GPT integration.