Burp Suite User Forum

Login to post

Turbo Intruder with Session Handling Rules

Hello to all, I'm trying to learn turbo intruder. I created session handling rules for 2FA lab to get CSRF tokens like: get /login post /login post /login2 every time I use repeater or intruder my session handling...

Last updated: Nov 04, 2022 01:50PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Batch Scan Report Generator - faild to create reports

After the new Burp Professional upgrade version 2022.9.5, Batch Scan Report Generator is failling to create reports. The plugin print the message "Report Generation Complete!" but it it doesn't saved the report to the...

Last updated: Nov 04, 2022 01:08PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Custom extension not marking requests as "Edited"

I've made an extension in Python that generates and inserts a custom header into all HTTP requests, and it works as-in the custom header is added correctly, but the requests do not have an Edited and Original version. All I...

Last updated: Nov 03, 2022 03:23PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Macro Items Returning Null

I'm trying to create a Burp Extension that uses values retrieved from a macro, however, macroItems[0].getResponse() returns null. Has anyone come across this error? If so, do you know how to fix it in python? I'm running...

Last updated: Nov 03, 2022 11:14AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Montoya API - Custom Scanner Check

Hi! Thanks for creating a new Burp Extension API, I am testing the new Montoya API to create a plugin with a custom scanner check. For this I used the ScanCheck interface and within the activeAudit function I would have...

Last updated: Nov 02, 2022 11:35AM UTC | 2 Agent replies | 3 Community replies | Burp Extensions

My Burp extension stopped working since the latest Burp update

Hi - since I last updated by Burp, I'm getting a new error when trying to load a custom burp extension: java.lang.Exception: Extension class is not a recognized type at burp.u2_.J(Unknown Source) at...

Last updated: Nov 02, 2022 11:08AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

I cannot install Autorize extension from BApp

Hi currently I am enrolling in a API Security course. I am in a setup lab stage and it requires extension named Autorize. I already followed all the steps including put the stand along jython installer .jar file in python...

Last updated: Nov 01, 2022 06:39AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Java Deserialization Scanner

Hello, It was checked that Java Deserialization Extension is not working properly anymore. It does not provide correct results while scanning vulnerable to Insecure Deserialization web application. I hope someone can...

Last updated: Oct 31, 2022 12:15PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

no improvement with turbo intruder

Hi I'm doing SQL conditional lab, and I don't see and improvement with the turbo intruder. It's still very slow, especially after 100 requests or so. Are the labs throttled? Also I tried getting latest burp edition just to...

Last updated: Oct 27, 2022 10:39AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Failed to download BApp File

I can successfully access the BApp Store list and can even access the portswigger.net but somehow neither I am able to install any of the extensions nor I am able to update Burp through "Help" menu it will show/load new...

Last updated: Oct 26, 2022 05:39PM UTC | 5 Agent replies | 5 Community replies | Burp Extensions

Chrome's Dom Invader buggy on sites protected by recaptcha

Hello, I am trying to use Dom Invader in order to find DOM XSS vulnerabilities on a website that is protected by google recaptcha. As soon as I enable DOM invader, I am getting logged out and when I try to log in it...

Last updated: Oct 25, 2022 10:14AM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

Hash lookup

Hi all, Sometimes I have a hash and want to reverse it to find the original text and the used hash algorithm. I want to ask if there is any extension that performs hash lookup. Thanks

Last updated: Oct 24, 2022 10:51AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

BurnSuite website SSL error

I have configured Firefox to used Burp as proxy and everything works fine, except for one website. At the first "get request" everything works as it should be, that is, passed the traffic to burp and then i forwarded it....

Last updated: Oct 24, 2022 09:26AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Carbonator : No HTTPS traffic

I have configured carbonator and I am running the following command java -jar -Xmx2g -Djava.awt.headless=true /home/webscanner/BurpSuitePro/burpsuite_pro.jar https example.com 443 / --user-config-file=Config/userNew.json...

Last updated: Oct 20, 2022 09:37AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Burp wasn't intercepting localhost in brave browser

I'm using brave browser and wasn't able to intercept traffic in localhost anyone knows any fix on this? Thank you! - Certificate is okay - Other sites was intercepted

Last updated: Oct 19, 2022 12:02PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Email regard

Hi Team, I set up email notification in Burpsuit. when the site is scanning I want to get report by mail. I am receiving summary report but i want to get detailed report how to setup to get detailed report.

Last updated: Oct 19, 2022 11:42AM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

[Param Miner] Cachebuster in the User-Agent headers causes CloudFlare 403 block

Param miner automatically adds a cache buster to the user-agent, this gets blocked by CloudFlare. I've attempted everything, please how can I stop this behaviour??? Is there a workaround ???

Last updated: Oct 17, 2022 10:29AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

How do I make line wrap?

How can I make line wrap enable for the string response with the function txtInput.setText()?

Last updated: Oct 14, 2022 02:54AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Unable to load installed extension.

Hi Team I have downloaded some extensions from BApp store but unable load them in burp menu bar for e.g. J2EE scan. When i check the load option under extender menu it shows success but does not shows anything in menu bar....

Last updated: Oct 13, 2022 03:16AM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

How do I perform manual checks like a batch?

Hello Burp Users, I don't want to perform any crawling or automated scans for my testing. I have about 50 - 100 requests that I want to send to the target and evaluate the raw responses. Are there any burp extensions to...

Last updated: Oct 11, 2022 01:05PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Page 2 of 37

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image