Burp Extensions - Burp Suite User Forum

IScanQueueItem.getIssues() not returning issues

IScanQueueItem.getStatus returns the updated Status but IScanQueueItem.getIssues() not returning any issues of completed scans. But Burp UI shows issues in portal. Am I missing anything? I'm testing with Burp pro...

Decode Base64 Post body for Scanner

Hi team, I have a requirement wherein I want to perform active scan on requests that contain base64 encoded POST body. The entire body is base64 encoded. The body when decoded, gives JSON data. I want to write an extension...

See modified Request in Extension

Hi there, I have two extensions, I make a request in one of the extensions in the same extension I modify the request/response in processHttpMessage method. I can see this modified request/response in Logger correctly....

Requesting more details on security reviews executed by PortSwigger on BappStore extensions

Hello! Based on the following quoted text extracted from: https://portswigger.net/burp/documentation/desktop/extensions "We review community-created extensions for security and quality before we make them available...

Get Websocket Server IP

I'm working on a websocket extension and would like to grab the host/ip and port of the websocket server when a websocket message is received. Looking at the API it looks like this is not possible, but I'm a newb with Java...

HttpRequest.httpRequest() to Proxy?

Newb here. I figured out how to send an HTTP request using montoya but it's not registered by Proxy. Is it possible to send an HTTP request and have it registered by the Proxy tool? Can someone point me in the right...

Extensions List is Empty in BApp store

Hello team, I'm using Burp Suite Professional v2023.3.5 in my company system and it windows 10.In BApp store the list is empty i reinstalled the burp and restarted the system but no use. Can you help me with...

Flush Preferences

Hi PortSwigger Team, I'm seeing some odd behavior with both the extensionData and preferences objects in Montoya. I've written an extension that tries to store settings that will persist after reloading the extension or...

Failed to load Python interpreter from Jython JAR file

Hello Dear, I am facing an error. I am not able to add my extension in Burp. I am getting the follow error: java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.a3t.<init>(Unknown...

Error running IPRotate burp extension

Hi people, I'm trying to use IPRotate burp extension to rotate my IP addresses but I'm having some issue using this. First I set up standalone Jython v2.7.3, then boto3 then installed IP Rotate extension from burp...

Scan Configuration

I am building an extension that calls doActiveScan and doPassiveScan. Is there a way to specify the scanner configuration. Currently tasks are created and there is a default scanner configuration used named Current auditing...

Accessing websocket messages

Is it possible to access websocket messages? I can use proxylistener to get the HTTP request but not the actual websocket messages. If possible are there any basic proof-of-concepts out there in python? TIA.

Export Burp dynamic generated certs to disk using python extension

I am trying to export the auto generated certs from Burp to disk, by developing a Python extension. I found some similar messages from other folks in past, the goal is same, be able to use burp and WireShark for SSL...

Viewstate Editor

Hello. I am trying to get the Viewstate Editor tab. I manually loaded the updated Bapp file https://portswigger.net/bappstore/ba17d9fb487448b48368c22cb70048dc and still no tab.

failed file

previously my burp suite was fine but today suddenly my burpsuite can't be opened and I re-downloaded the latest version of the burp suite file. But when I download the file it can't pliss help me

The scan is configured to use recorded login sequences. This requires browser-powered scanning, which your hardware does not support. Please see the system requirements for details.

Hi, I'm using Burp Suite Enterprise with the 30 days of trial; I followed the login sequences and got the error message; Here is the collected information for your reproduce the scenario please STEPS: 1)...