Burp Suite User Forum

Create new post

Not able to convert string to JSON object in Burp Extension using Montoya API

Gson gson = new GsonBuilder().setPrettyPrinting().create(); String jsonString = "{ \"name\" : \"John\", \"age\" : \"20\", \"address\" : \"some address\" }"; JsonElement jelem = gson.fromJson(jsonString,...

Last updated: Apr 22, 2024 09:40AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

ClassNotFoundException from extension using Jersey

Dear support, I have written an extension that is using behind the scene Jersey. Jersey is an open source framework for developing RESTful Web Services in Java. It provides support for JAX-RS APIs and serves as a JAX-RS...

Last updated: Apr 19, 2024 02:44PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Accessing Requests of Audit issue with No Response in Burp Suite Using an Extension

I have an issue detected by the issue handler in Burp Suite, where a time-based SQL Injection vulnerability is identified but there's no response in the issue details, only a request. How can I access this request using an...

Last updated: Apr 17, 2024 03:11PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Extensions Development - Burp Launching and Licensing Issue

Hi All, I am beginning to contribute to a Burp Suite extension and I'm running into some issues debugging. I have followed the instructions in this thread:...

Last updated: Apr 15, 2024 04:18PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

JWT Editor cannot be loaded anymore

Hi, I installed the Burp Extension "JWT Editor" and used it for a couple of days. Now it is not loaded anymore when I start Burp. I unloaded and reloaded it, removed and re-installed it, JWT Editor is simply not working...

Last updated: Apr 15, 2024 03:49PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

request().url() return value inconsistent

While working on an extension I came across an odd behavior but I'm not sure if it's expected or something with my extension code. It looks like for some reason, the HttpReuqestResponse.request().url() returns different...

Last updated: Apr 15, 2024 08:41AM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

sqlpyi

Hi I am trying to install sqlpyi but its not working , i tried many things but its showing sqlmap api is not running.I am using window machine. Colud you help me for this issue. Below some error when i tried to run...

Last updated: Apr 15, 2024 08:40AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

api to toggle request method and body encoding

Hello Is there some api support to toggle http request? I konw the toggleRequestMethod can be use to toggle method from GET and POST,is there some one support toggle param to mutipart param in montoya api(like use it in the...

Last updated: Apr 10, 2024 10:27AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Are Jython extensions deprecated?

Hello, I was looking into writing an extension, and all of the current documentation seems to indicate it should be done in Java via the new Montoya API. Is Jython support going to go the way of the old extender API?...

Last updated: Apr 09, 2024 12:24PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

How to limit binary response size

Hello I'm developing my extension to scan some backup file, like test.zip.But it will affect the performance when a large binary file be found.Is there some setting or some advices to limit the size of response in burp...

Last updated: Apr 08, 2024 09:00AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Global keyboard shortcut

Hi, I am writing an extension where it needs to access HttpRequestResponse object attached to currently focused editor from proxy, repeater, intruder tabs etc. I know context menu has this object encapsulated in event...

Last updated: Apr 05, 2024 09:34PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Fetch selected HTTP request/response without ContextMenu

Hello, thank you for your efforts on Burp's cool MontoyaAPI. I am currently developing an extension, and I would like to retrieve selected HTTP requests or responses from the Proxy History table or any other...

Last updated: Apr 05, 2024 07:57AM UTC | 5 Agent replies | 4 Community replies | Burp Extensions

Persistence Ballooning Files

Hi, An extension I've built uses Montoya Persistence quite a lot. I previously ran into an issue where Burp files were ballooning because I was creating new lists every time I needed to save a new item to a list. I...

Last updated: Apr 04, 2024 02:54PM UTC | 6 Agent replies | 5 Community replies | Burp Extensions

Get Only Selected Requests in Proxy History

I'm writing an extension using Montoya API. It needs to look at items in the proxy history and do some analysis. I see there is a method to get filtered items: List<ProxyHttpRequestResponse> history(ProxyHistoryFilter...

Last updated: Apr 02, 2024 07:36PM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Using Hackvetor

Good day, in the solution for lab 17, how do we know the xml entity to use is "hex_entities" because there are more than 20 other entities we could use to encode. thank you.

Last updated: Mar 26, 2024 09:43AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Crawl.statusMessage in Montoya API is "Not yet implemented"

In a project I'm working on, I am trying to automate the scanning of a target in Burp Suite Professional. Because existing solutions like https://github.com/NetsOSS/headless-burp are old and have deprecation issues, I am...

Last updated: Mar 25, 2024 04:04PM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

How can i use global variable like fucntionality in burp repeater

I have a request in repeater and i want to store some values from this request as a global variable so that i can use them in other requests. it could be like in a key-value pair and stored in a seprate tab of extension...

Last updated: Mar 16, 2024 12:51AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Private Burp Collab Server Only Failing 'Verify DNS Interaction"

Hello, I am running into an issue where all checks are successful aside from DNS Verification. I have confirmed my config multiple times, but am still running into the same issue each time. I am using the server...

Last updated: Mar 15, 2024 02:43PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Getting the highlighted text in a HttpRequest or Response

Hey, Is it possible with Montoya or any other method in Java to get the highlighted text of a Request/response? I'm wanting to pass/get some highlighted text into a contextmenu event. Appreciate any help!

Last updated: Mar 08, 2024 10:52AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Folder for loading libraries/modules doesnt seem to work

"java":{ "folder_for_loading_library_jar_files":"path" }, "python":{ "folder_for_loading_modules":"path", "location_of_jython_standalone_jar_file":"path_jython" } This doesn't seem to take effect. I have taken...

Last updated: Mar 08, 2024 08:48AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Page 2 of 49

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image