rep-chrome  by repplus

Chrome DevTools extension for HTTP request manipulation and analysis

Created 1 month ago
1,344 stars

Top 29.7% on SourcePulse

Summary

rep+ is a Chrome DevTools extension that provides a Burp Suite-like HTTP Repeater, enhanced with AI capabilities for request explanation and attack vector suggestions. It targets bug bounty hunters and vulnerability researchers, offering a fast, focused, and intelligent alternative to full proxy setups directly within the browser.

How It Works

This lightweight extension captures HTTP requests across all browser tabs, allowing users to replay and manipulate raw request components without proxy configuration. It integrates with Anthropic's Claude models, enabling AI-driven explanations of requests/responses and automated suggestions for potential security vulnerabilities. Key features include multi-tab visibility, smart filtering, data converters, and a built-in screenshot tool.

Quick Start & Requirements

  • Installation: Clone the repository (git clone https://github.com/bscript/rep.git), navigate to chrome://extensions/, enable Developer mode, and load the unpacked extension folder. Access via the rep+ tab in Chrome DevTools (F12).
  • Prerequisites: Google Chrome browser. An Anthropic API Key and configured Claude model (e.g., Claude 3.5 Sonnet) are required for AI features.
  • Links: GitHub Repository

Highlighted Details

  • No Proxy Setup: Operates directly within Chrome, eliminating the need for system proxy configuration or certificate installation.
  • Global Visibility: Captures and displays network requests from all open tabs, visually distinguishing them.
  • Bulk Replay: Offers Intruder-style attack modes (Sniper, Battering Ram, Pitchfork, Cluster Bomb) for automated payload testing against multiple positions.
  • Unified Extractor: Includes a secret scanner for JS files (using entropy analysis) and an endpoint extractor to identify API paths and URLs.
  • AI-Powered Analysis: Features include "Explain Request," "Suggest Attack Vectors," and context-aware AI explanations via right-click.

Maintenance & Community

The project is maintained by a single developer in their free time, with users encouraged to report bugs and suggest features via GitHub issues. Sponsorship is welcomed to support ongoing development.

Licensing & Compatibility

The project's license is not specified in the provided documentation. Compatibility is limited to Google Chrome as a browser extension. The lack of a defined license makes commercial use or integration into closed-source projects uncertain.

Limitations & Caveats

AI features are dependent on an external Anthropic API key, potentially incurring costs and introducing a third-party dependency. The absence of a specified license poses adoption risks regarding usage rights. Development pace and long-term support may be constrained by the single maintainer's availability.

Health Check

  • Last Commit: 5 days ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 21
  • Issues (30d): 15
  • Star History: 281 stars in the last 30 days
