Burp Extensions - Burp Suite User Forum

Extensions Load Error

Hello, While installing java or ruby related plugins, plugins with python do not load and give an error message. I tried to download from the bapp store is not installed. Burp Suite Professional 2021.10.3 OS:...

About audit and how to judge start and end

Basically, I select one request from the history tab, run the audit, and then start auditing the next request after it finishes. I want to play a sound to notify when Audit (doActioveScan) starts and when Audit...

I am not sure what I am doing worng | hmac building extend.

my extend is - My objective is to create an automatic hmac extend which includes (get/post) method form request + URL + json body also once it generates the new hmac it will automatically update in repeater + it can use...

Burp Cookie Jar cookies not applied to requests for any tool

I am currently writing a Java based Burp Extension in order to navigate a complicated authentication system. I found that the macro recorder and other methods built into burp could not handle it, so I resolved to the...

Burp Suit Professional 2022.3.1 is not supporting HTML tag

Hi team, We have one extension in which we have used HTML tags at different places to add color, font and other html features. Our extension was working fine with Burp Suite 2022.2.4 but after we upgraded to the newer...

Failed to download BApp File

I can successfully access the BApp Store list and can even access the portswigger.net but somehow neither I am able to install any of the extensions nor I am able to update Burp through "Help" menu it will show/load new...

URI as insertion POINT

Hi, I am curious if we can insert out payload inside URI, We have multiple insertion points but all those are related to parameters and there is no insertion point returned for URI while BurpSuite ActiveScan does check...

Burpsuite API: is it possible to change the Socks/HTTP proxy settings through it?

Hello, All's in the title! I have been trying to figure out how to do these things but I could not find any documentation regarding them. Any help would be appreciated.

burp theme change

if anyones got irritation in eyes looking at white burp for a long time then---> https://github.com/CoreyD97/BurpCustomizer/releases download the jar file and open extender and add the extension and u can change the theme...

AMF

What is the current state of AMF support within Burp and Burp plugins? Searching through old support post most AMF support seems very outdated. I'm using Pro 1.7.30. I've tried Blazer. It throws a null pointer...

How to doActiveScan by use the specified IscannerCheck?

Hello I have write some active scan rules by implements IscannerCheck#doActiveScan. Sometimes I want to scan the items by use the specified IscannerCheck, but when I use callback.doActiveScan the all IscannerChecks will...

Turbo intruder error

while I was trying solving Lab: Web shell upload via race condition I launched turbo intruder many times and it was working fine and suddenly there was a message said "User python error, check extender for full details: The...

Issues with loading python modules

except for java, python extenders are not working. please help Thanks Prathik

callbacks.doActiveScan not triggering active scan

Hi Team, I have following code for performing a active scan for a particular request but this is not triggering the active scan instead this throws error as below:- ``` import burp import sys from burp import...

Hackvertor Display issues

Hello! Long time Burp user. I discovered Hackvertor a while back and love the idea of it. I struggle to use it longer term because of a display issue I seem to be having and have tried various things to fix it :( - intel...

Loading external jars from extensions

Hello, I am building a Burp extension and I would like to incorporate external JARs, for example the gson library to store some settings in a file. For the life of me I can't figure out how to get this configured...

Need jar file for Collaborator Everywhere extension

From where can I download Colloborator-everywhere-all.jar I need jar specifically, as I need to load this extension automatically when burp starts.

Cross-site scripting (DOM-based) - data is read from window.location.href and passed to $()

I'm getting the following error "The application may be vulnerable to DOM-based cross-site scripting. Data is read from window.location.href and passed to $()." My code looks like this let url =...

Jython on Monterrey

Hi, I'm trying to use a jython an extension and getting an error: java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.klf.<init>(Unknown Source) at burp.nb.F(Unknown Source) at...

I can't install jython environments

Exception in thread "main" java.lang.ExceptionInInitializerError at org.python.core.PySystemState.<clinit>(PySystemState.java:73) at org.python.util.jython.main(jython.java:533) Caused by:...