Burp Extensions - Page 13 - Burp Suite User Forum

Extender callback for getting the currently active project's name

Hello! Maybe I'm blind, but I can't find in the documentation a callback for getting the currently active project's name (set during project set up). I thought of parsing the output of saveConfigAsJson(), but it's not...

Using JavaFX version 17

Hi there, I have an extension that includes JavaFX 17, and when I run Burp like .jar file this extension upload and work correctly, but If I try to upload this extension in installed Burp (dmg or exe) I am getting the...

How Do I resolve "java.lang.Exception: Extension class is not a recognized type" error?

Hi, I am new to Burp Suite. I downloaded "JWT Editor" extension from the BApp Store and add it to Burp Suite in "Extensions" tab, but Burp Suite outputs an error below: --- java.lang.Exception: Extension class is not a...

JavaFX error while uploading extension

Hi When I try to Add an Extension using JavaFX into the current version of Burp Suite (v2023.2.3) I am getting this error: Loading library prism_es2 from resource failed: java.lang.UnsatisfiedLinkError: Can't load...

JavaFX vs Swing

Hi there, which library I should use to develop an extension? Are there any recommendations or compatibility problems regarding arm/M1 architecture? Thank you

Extensions Development: Burp hanging when modifying request in an extension

Greetings, I am using the HttpHandler example for the Montoya API located here:...

Creating new WebSocket via Montoya API?

Hello, I am excited to see the Montoya API now adds support for WebSockets and I am trying to create new WebSocket connections. However I can't see to see a way to do this, I can only send messages inside an established...

BurpSuite Custom Header extension

I am attempting to write a custom Burp extension based on the example code from https://github.com/PortSwigger/burp-extensions-montoya-api-examples/tree/main/customlogger. The plugin is intended to perform the following...

Error in burp intruder

I was trying to do brute force attack on the authentication bypass lab using turbo intruder and i got the following error:- Starting attack... There was an error executing your Python script. This is probably due to a...

Encode request body and response body

Hi there, In my extension, I am making requests with makeHttpRequest() method. And both request and response are visible in Logger. The problem is this request requires that the request body is encoded with RSA + cert...

Looking for the extension that adds the full URL in the request line

Hello, I noticed that during a scan, one of the loaded extensions is putting the full URL in the request line. For example, the original request has this request line: "GET /robots.txt HTTP/2" in a request to...

Run JavaScript code using Jython 2.7

Hello! I am writing an extension that can move requests from Postman collection to Site map using Python. To move requests python script parse Postman collection JSON file. My script works correctly, but I stacked with a...

Get Burp's default intruder insertion points

Hey, I am looking to build upon Burp's insertion points for intruder. Is there a way to get the default insertion points for a request? I thought it might be markers() but this returns an empty list for a multi-parameter...

Unable to launch Burp Headless mode

Hi There, I am trying to run burp headless mode to get the scan automation inside my CLI without opening Burp Application, but I am unable to run this with headless mode. Could you please help me with this and get this...

Cast RequestEntity to MontoyaApi HttpRequest

Hi, is there an easy way to cast org.springframework.http.HttpRequest to Montoya-API HttpRequest? Thank you

currentRequest response waiting for numerous new modified Http requests to complete

I am trying to create a BURP extension which takes current request and grabs path from it and add some custom_path and create http request using headers from currentRequest. The paths are a total of 200 My problem is that...

Error while sending request via Montoya API

Hi there, I am trying to send a request with the method sendRequest(); String body = "GET /vdp/helloworld HTTP/1.1\n" + "Host: sandbox.api.visa.com\n" + ...

Make request with certificates

Hi there, If I need to make a request which requires multiple certificates (.p12, public .pem & private .pem). Which method/Interface i can use to send these requests? And is there some example code on how to make...

Log requests in History tab

Hi there, is there a way to log requests made by extension in the History tab? My use case is that when we make requests via our extension, we would like to be able to send this request to the Repeater. I know it's...

Practice Exam - Java Deserialization Scanner

Hello everyone, I'm working on the practice exam for the Burp Suite certification. As many of you may know, the last stage involved an insecure java deserialization. Since there is no contextual clues as to what gadget...