Burp Extensions - Page 13 - Burp Suite User Forum

WebSocket messages being truncated to 4096 bytes

Hello! I'm using websocket handlers in my extension, and all binary messages (passed to me as bytearrays) I receive are truncated to 4096 bytes. Obviously this breaks functionality in my extension when the server sends...

HTTP Request Smuggler, invalid poc type

Hello, trying Burp Academy and catch the issue with above extension, by simply pushing Extensions > HTTP Request Smuggler > Smuggle probe and error message pane I can see: Establishing 1 connection to...

Burp Enterprise Extension Development Environment

Hello ! I would like to develop a custom BurpSuite Enterprise Extension in Java but I encounter some issues using my JAR file. It is successfully loaded in Burp but when fails to run when I launch a new scan using it. I...

cannot load burp python extensions

java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.c8o.<init>(Unknown Source) at burp.ba0.a(Unknown Source) at burp.ctj.lambda$panelLoaded$0(Unknown Source) at...

Match and Replace "user agent" to match Mobile phone is not working

Hello, i have burp pro and i want to scan (deep) a web https site that is working only on low Resolution like Mobile. In Proxy - Options - we have the feature Match and Replace, i choose (V) the default option of user...

Jython ImportError: cannot import name LineBorder

Hello, I'm working on a burp extension. I have this error when I try Burp Extension with LineBorder class. I'm using Jython 2.7.3 this is the error message. from java.awt import BorderLayout, Color,...

Exception after adding BouncyCastle libraries bcpkix into the project

Hi, I'm currently trying to do an extension based off the new Montoya API that help me sign request using a PKCS1 Key. However, Java does not support PKCS1 key out of the box and require the usage of BouncyCastle. After...

Extensions are not loading with Burp defaults

Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions...

Replace/Update Cookie

Hi, Is there any extension, which can be invoked using the session handling rule: "invoke a Burp Extension", which can replace or update any cookie value? Thanks, Arpit

Freezing application when using JWT Extension when trying to signing a key

Hi, I use JWT Edioter Key Extension, when I'm trying to sign a new symmetric key direct into request, the whole application freezing and no response. Any tips to fix this? My system: Windows 10 - 64bit

Create multiple HTTP requests from a single intercepted proxy request

Hello Team, I have my proxy listener on. I am trying to write a burp extension in python to loop over a list of payloads and replace the parameters in the body with the elements of the payloads list. I was not able to...

Context menu items for WebSocket messages

Hello! It is possible to use the API call `registerContextMenuItemsProvider()` (in Montoya) in order to provide context menu options for issues, HTTP request and responses. However, I'm unable to find a way to do the...

java.lang.Exception: Extension class is not a recognized type

java.lang.Exception: Extension class is not a recognized type at burp.ao0.M(Unknown Source) at burp.ao0.l(Unknown Source) at burp.wf8.t(Unknown Source) at burp.cci.o(Unknown Source) at...

Extensions not showing up in the menu

I installed sentinel extension but it is not showing in the menu section.. I tried installing other extensions and it it showed up in the menu.. Please help me for the sentinel extension..

Webinspect extension issue

Hello, I have been using the burp extension for Webinspect for about the last 12 months. It allows me to attach findings from burp scans to Webinspect scans. Lately, the extension has stopped working and I can no longer...

DOM Invader

Hello, I am running v2022.11.4 of the Burp Community edition, but when I open the embedded browser, I do not see the Burp Suite Icon (and hence not the DOM Invader tab). Is the DOM Invader ONLY available in version...

Cannot install extensions

Hello, I've found that as of 2022.11.3 installing extensions is somewhat broken. The issue does not seem to be limited to this specific version, running older version does not fix the issue, also resetting ~/.BurpSuite...

Error while trying to install any extensions requiring Jython

Hello! I have Burp Suite Professional v2022.11.2 and jython-standalone-2.7.3.jar. I have folloring error while trying to install any extensions requiring Jython: Traceback (most recent call last): File "<string>",...

Autorize - Export all endpoints

Hi, I'm working on one project and found over 50+ vulnerable endpoints/paths where regular user can see what is for admin eyes only. My question is can I export that everything as a report or like a some file where I...

Error while trying to install extensions requiring Jython