Burp Extensions - Burp Suite User Forum

getProxyInterceptionEnabled() ?

Hello, For an extension I'm developing, I'd like to have the getter counterpart of setProxyInterceptionEnabled(), that would return either the proxy is enabled or not. I'm not able to find it anywhere, neither another...

Having an IScannerInsertionPointProvider that only provides IScannerInsertionPoint objects to my extension's IScannerCheck

Hi Portswigger people I have written an extension to automatically perform a variety of manipulations on URL paths, send a modified request and then check the response. For example, add various additional extensions to...

how to install burp moudle in jpython

as the title says,idont known how where to find the burp moudle

Unable to import Crypto.Cipher module for python plugin

Please refer to the following stack trace: Traceback (most recent call last): File "C:\Users\..\plugin.py", line 15, in <module> from Crypto.Cipher import PKCS1_v1_5 as Cipher_PKCS1_v1_5 File...

Lab: Combining web cache poisoning vulnerabilities

Has anyone noticed an issue with Param Miner not able to find the headers required for this lab? Not sure if it's my Param Miner, my Burp, or the lab itself. I've tried by disabling nearly all the other extensions, but my...

Office Open Xml Editor (OOXE) not Displaying after install

Hello Guys ? i am using burp suite pro 2020 , some of my extension are not displaying like office xml editor, please help me

Turbo Intruder cause Burp's memory Full

Hi, I am using Burp Suite Pro v2.1.04, when I use Turbo Intruder Extension(which is working very good) and send 500+ Requests per Second sometimes burp's suite memory becomes full, 225mb and it hangs. Is there any way to...

Setting Background of a JPanel when using the callback.CustomizeUiComponents method.

I am done creating my extension and making it look a little presentable and organized. I have been look for ways to set the background color of a JPanel when using a jpanel and calling the callback.CustomizeUiComponents...

Query Regarding Cross-site request forgery

Issue : In Our application we are using cookie lastAccesTimeForCurrentSession to validate the session. Previously we were not using the SameSite attribute in Cookie, Now we started using SameSite with Strict mode. Browser...

WebSocket API

I'm dealing more and more with websockets: is there _any_ way to modify requests on the fly? I'm not afraid of writing a custom extension or fiddle with scripting my own tools. FWIW, if you provide some guidance, I could...

About inbuilt chromium browser

I am using a burp suite in mac os Catalina, when I use a website run burp suite open browser then it open chromium, and then the problem, is each and every website (online site as well as websites on my localhost ) took...

deserialisation scanner

Enable to use the exploitation tab of deserialization scanner to solve some deserialization LAB, when i'm lunching this extention i get this error message : com.nqzero.permit.Permit$InitializationFailed: initialization...

Burp Collaborator Everywhere generate inaccessible domains

Hello. To any request in scope, the Collaborator Everywhere adds an extra headers, which are visible in the Edited request tab. But even when I turn on Burp Collaborator Client before any request I can not see anything....

Changing parameter data: unexpected behavior

What I am trying to achieve is changing a parameter value. But in the greater perspective, I'm looking for the correct way on how to change multiple things to a request. The process I currently use, gives me unexpected...

setHighlight: shows in http history, but not my own table. How do I make it show in my table?

I wrote an extension, that after some checking, marks certain ((IHttpRequestResponse) messages, using message.getMessageInfo().setHighlight('red') What I don't fully grasp is: The marked messages show correctly 'red' in...

Highlighting in the Text Editor

In newer versions of Burp, the text editor highlights the request and response. Now for extensions it would be nice to "hook" into this process or replicate it in the TextEditor. I've tried to add <html> at the start of...

Jython - ImportError: No module named expatreader

Hi, I would like to use defusedxml package. I am using Jython 2.7.1 standelone and I created virtual pyhton env where I installed defusedxml. I set up in bup extender "folder for loading modules" to -...

apa citation generator for students

Plagiarism checker and apa citation generator for students who are looking for professional help for essay wrinting or research papers for any topics. We provide number of tools and help to solve your issue and perform...

Using Requests Module Python

I'm using python to develop an extension to automate the sending of Issues to our management system, this extension collects all Issues and generates a CSV file, when I need to send the CSV file with more than 50,000...

Converting the content-type from application/json to multipart/form-data

Hello Team, I have seen there is an Extension which convert content-type from json to xml but no extension from json to multipart/form-data. Are we expecting this plugin to update or we are expecting new plugn to do...