Burp Suite User Forum
I am creating an extension using python to send additional attack signatures with burp extender's doactive scan and analyze XSS etc. I specified an arbitrary attack signature that I set as the insertion point, and it...
Hello! I would like to get the Burp Message Editor GUI element but without the surrounding elements (message format buttons, newline buttons at the top, search bar at the bottom, etc). Just the line numbers and text...
Hi, Could you please share the input on the below concern: 1) Does Burp Suite has the capability (or any extension) to scan & identify the Spring4Shell zero day vulnerability, if not by when we can expect an update for...
Hi, I'd like to ask a feature addition to the mentioned extension: [+] The possibility to modify the payload that is sent in the various headers, more specifically introducing an html tag like an <img...
I am not able to get the text after its modified. I am adding a text editor in JTabbedPane, so instead of request and response at the bottom of the logger table, I have a tab for request and test cases tab which is using a...
Hi, I am trying to build my first Python extension to BurpSuite. As a starter, I am focusing on getting basic request data from the repeater tab. For some reason, I cannot seem to access the URL from the current request,...
I am not able to get the text after its modified. I am adding a text editor in JTabbedPane, so instead of request and response at the bottom of the logger table, I have a tab for request and test cases tab which is using a...
I am getting this error while trying to load Jython file from my device. java.lang.ClassNotFoundException: burp.BurpExtender at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:476) at...
Every time I try to download Burp Suite Professional, it does not download. It remains in the downloading loop without actually downloading the app for hours. The community version downloads and the license for the...
I am creating an extension and found some similar functionalities in other Extention as well but only in java not for Jython. I am creating a table with the custom model which changes the views based on the row selected to...
I am creating an extension that has table with http data like url, parameters, http method etc. I want to get the http request for the row select in the table. Similar to proxy history tab that change request and...
Hi, I'm writing a java extension to encrypt the body of the request, the idea is that the encryption is done only after I make some modification to the request. For example, I let the proxy with "Intercept on", I modify...
Hi, I installed autorize extension from the store, but when i try to restore a file in the autorize menu, my autorize tab crush, doens't work, i tried to reinstall burp suite professional and autorize, nothing happened....
Hello I want to use proxy listener as a remote proxy server. When a victim connect throw my server the he get cert error in browser showing unsafe connection. As a remote connection i cant install burp ssl cert into his...
Hi, I try to use IP rotate extension but I get this error: Traceback (most recent call last): File "/root/.BurpSuite/bapps/2eb2b1cb1cf34cc79cda36f0f9019874/IPRotate.py", line 202, in enableGateway ...
Hi, OS : Windows 10 Pro Burp suite version : 2022.2.2 (I have tested other versions before, but same problem exists.) Java version : 17.0.2 (but I have also tested other java versions JRE 14 , JRE 15 , JRE 16) Jython...
Hey, I'm doing "Targeted web cache poisoning using an unknown header" lab. According to the point 3 on the Solutions you have to "With the Param Miner extension enabled, right-click on the request and select "Guess...
Normally, the SAML Raider extension will populate a SAML Raider tab when you select a SAML request in the HTTP History. Now, instead of populating the tab, it shows the error: ...
I get errors when i try to load python based extensions (i downloaded jython standalone and adressed in extension options) error is like this: java.lang.ExceptionInInitializerError at...
When guessing body parameters, Param Miner automatically adds a cache buster in the form of a "<random_name>=1" query parameter (for example "&jx77i7jyh1=1"). Is there any way this can be disabled? Case in point, I'm...
Page 19 of 48
Your source for help and advice on all things Burp-related.