Burp Extensions - Page 2 - Burp Suite User Forum

Lab: SameSite Strict bypass via client-side redirect - this lab broken too

This is my solution and works with view exploit, but not working when delivering neither in chrome, not burp. Therefor unfortunately the lab is broken. Can you please fix please? thank...

Generate report with Burp API have no option to include XML requests/responses

Hi, I am using below burp library for our extension. Library dependency: <dependency> <groupId>net.portswigger.burp.extender</groupId> <artifactId>burp-extender-api</artifactId> ...

Distribute Damage

I am trying to use this extension to rate limit all traffic. I have changed and tested multiple settings with no success. To verify even further, I checked "paused all traffic" just to see if it worked. Nothing has been...

Is it possible to save the Annotations.notes by burp.api.montoya.repeater?

Hi, function sendToRepeater() ，Is it possible to save the Annotations.notes? Thank you!

Unable to create SAAJ meta-factory

Hi, I am trying to use saaj meta factory in my extension to parse some soap requests but burpsuite always give following error "Unable to create message factory for SOAP: Unable to create SAAJ meta-factory: Provider...

Failed to load Python interpreter from Jython JAR file

Hello Dear, I am facing an error. I am not able to add my extension in Burp. I am getting the follow error: java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.a3t.<init>(Unknown...

[MontoyaAPI][RawEditor][DocumentListener] Support or Workaround?

I’m trying to access the DocumentListener for a RawEditor component. It appears that the method rawEditor.uiComponent().getDocument() is not accessible. I attempted the following...

Difference bewteen HTTP Request Smuggler Extension and HTTP request smuggling with Burp scanner

Hello, I am currently studying HTTP Desync Attacks and comparing the various tools used to test for these types of vulnerabilities. While experimenting with the HTTP Request Smuggler Extension and Burp Scanner (and also...

Facing issues while running the Burp Infiltrator

Hi Team, I'm trying to use burp infiltrator and trying to solve the issues which have occured while running this tool. Also, trying to find more details on internet but not found much details so thought of discuss this...

Unable to filter X-Forwarded-Host with Param Miner Burpsuite Professional v2024.5.5, Lab: Password reset poisoning via middleware

Hello I have attempted this lab: Password reset poisoning via middleware, and run Param Miner on this request, choosing the "Guess Headers". I have tried this thrice, but I still could not get the X-Forwarded-Host even if I...

extender

So this 'issue' has been happening to me for the last few versions of burp suite pro. right now I am running the latest .18 version. In the extender tab i have the option to automatically reload extensions on startup...

Extensions are not loading with Burp defaults

Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions...

Burp Suite Param Miner

Using the param miner via 'Extensions->Param Miner->Param Miner->fat GET' result in 'Queued 0 attacks from 1 requests in 0 seconds' in the output of the extension. Does anyone know why it doesn't scan anything?

cannot modify request in insertion bechecks

Hello Is there support modify request in insertion-base bchecks? Sometimes we want to continue modify request after replacing or appending payload, like change mehod or add some headers.But I found I cant do these when I...

Query Associated Param miner

What is the purpose or use of the option "canary" in param miner when guess all parameters option is selected?

Burp pre configured browser is not working

When am opening burp pre configured browser its not working. Am seeing browser opened but not able to access anything in it showing error as "Error code: STATUS_DLL_INIT_FAILED"

withUpdatedParameters(List) function updates only the first parameter

Hi, I'm struggling with modification of the request payload in a class extending ExtensionProvidedHttpRequestEditor. In the getRequest() function, I'm packing the content of my custom editor and want to update request...

turbo intruder

my intruder works fine with macros but turbo intruder won't

Turbo Intruder Not starting

Im very new to Burp Suite, i also never used sm like this. Today I was trying to solve the Bypassing rate limits via race conditions Lab by following a video but somehow im just stuck at the part when i start the attack on...

Has the new MontoyaAPI removed the saveExtensionSettings and the loadExtensionSettings method

Hi, I am trying to develop a Burp Suite extension, and the work is almost done. Now, I need to implement a persistent way to store the data used in the extension. I did try the PersistedObject to do the same, and I have...