MongoBleed Detector v1.1.0 – Temp-File Output, Export, and Lifecycle Hardening

MongoBleed Detector v1.1.0

Overview

This release improves output handling, lifecycle safety, and export usability for large leak datasets.

What's New

• Added disk-backed temporary leak storage (TempLeakStore) to avoid high heap memory usage.
• Added Download Output button to export collected results as .txt.
• Added temp-file rotation: old output is removed when a new scan starts.
• Added cleanup on extension unload/reload and Burp shutdown.
• Added active socket cancellation to stop in-flight scans cleanly.

Stability and Quality Improvements

• Added extension unload handler (IExtensionStateListener) for graceful shutdown.
• Added scanner error logging to Burp stderr for easier debugging.
• Added throttling of repeated probe I/O errors to prevent log flooding.
• Improved read-failure handling for details/copy/export paths with clear user feedback.

Build

• Artifact: build/libs/mongobleed-burp-1.1.0.jar
• Java: 8+
• Burp Extender API: 2.3

Notes

• Extension traffic uses direct MongoDB socket connections (not Burp HTTP stack), so it is not shown in Logger and is not affected by proxy settings.
• For authorized security testing only.

Mongo Bleed Burp v1.0.0

• Manual MongoBleed tester tab with host/port and min/max offsets
• In‑memory leak capture with hex + text views and result previews
• Keyword highlighting and filtering for leaked fragments
• Repository focused solely on the Burp extension (no Docker fixtures)