Burp Extensions - Page 3 - Burp Suite User Forum

How to make a new HTTP request using the Montoya API

Hello. I'd like to request all requests once more with JSON data. There are methods to intercept requests and responses, but there seems to be no methods to build new requests. Also, I made an issue on GitHub. Can I check...

Burp does not record website login

Hi, I'm new to Burp, hoping someone can help me out. I'm trying to record the login to an internal http company website. This website requires domain credentials before displaying anything. Because of this Burp doesn't start...

How to i see the listing price and card number in the shopping websites

I can't see the list price and the card number in the burp suite community edition how can I see this please explain me. I am trying in Flipkart website but not showing this price and card number also I want to change my...

Temporarily deregister and reregister a Registration?

Hi all, I'm developing an extension utilizing the new Montoya API. I'm registering an HTTP handler as is done in the API examples: Registration headerHandler = api.proxy().registerRequestHandler(new...

Upload scanner " crashed while testing file upload functionality

When I am forwarding the file upload request and response to upload scanner , it get crashed and throws error " unable to generate automatic log report" I am able to forward request- response to upload scanner and start...

HTTP Request Smuggler - vs - LAB: CL.0 request smuggling

Although I was able to solve the 'CL.0 request smuggling' lab, I have not been able to make the 'HTTP Request Smuggler' extension find the flaw (or its location) when performing the probes. - I have attempted to target the...

Change default Issue Detail writeup for parent issue

Hi, Does IscanIssue or any other class/method expose functionality to change the default issueDetail writeup for parent findings (findings with multiple instances). Use case: My extension searches for specific strings...

Unknown object 'burp.tn5' causing AttributeError in consolidateDuplicateIssues method

An unknown object 'burp.tn5' is being passed into consolidateDuplicateIssues method which is causing the following exception to occur. I am unable to figure out the reasoning. I have provided snippets of code to assist...

Set highlight and Set comment

When calling the Extender by selecting a request already obtained in Burp's http history, I want to reflect the Highlight and Comment set in the Extender to the selected request. Can I do that with setHighlight and...

How to resize the http request smuggler when you select 'Launch all scans'?

Does anyone encounter this issue? When I select 'Launch all scans' with 'http request smuggler' extension, then I am able to see the full windows. That means I can't even see the 'ok' button and have no way to click on it....

IMessageEditorTab only for scope URL

I am trying to add a custom tab for requests using IMessageEditorTabFactory and IMessageEditorTab in python. I am trying to get details of the request and check if the URL is in scope or not and it shows a tab for the scope...

WebSocket messages being truncated to 4096 bytes

Hello! I'm using websocket handlers in my extension, and all binary messages (passed to me as bytearrays) I receive are truncated to 4096 bytes. Obviously this breaks functionality in my extension when the server sends...

Can We Implement a "Create New Group" API to the Montoya API?

Hi there! I'm currently working on a Burp extension that uses the Montoya API. I need to send multiple HTTP requests to the Burp Repeater, and it would be great if I could create a new tab group using the Montoya API....

HTTP Request Smuggler, invalid poc type

Hello, trying Burp Academy and catch the issue with above extension, by simply pushing Extensions > HTTP Request Smuggler > Smuggle probe and error message pane I can see: Establishing 1 connection to...

Burp Enterprise Extension Development Environment

Hello ! I would like to develop a custom BurpSuite Enterprise Extension in Java but I encounter some issues using my JAR file. It is successfully loaded in Burp but when fails to run when I launch a new scan using it. I...

cannot load burp python extensions

java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.c8o.<init>(Unknown Source) at burp.ba0.a(Unknown Source) at burp.ctj.lambda$panelLoaded$0(Unknown Source) at...

Match and Replace "user agent" to match Mobile phone is not working

Hello, i have burp pro and i want to scan (deep) a web https site that is working only on low Resolution like Mobile. In Proxy - Options - we have the feature Match and Replace, i choose (V) the default option of user...

Jython ImportError: cannot import name LineBorder

Hello, I'm working on a burp extension. I have this error when I try Burp Extension with LineBorder class. I'm using Jython 2.7.3 this is the error message. from java.awt import BorderLayout, Color,...

Extensions are not loading with Burp defaults

Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions...

Replace/Update Cookie

Hi, Is there any extension, which can be invoked using the session handling rule: "invoke a Burp Extension", which can replace or update any cookie value? Thanks, Arpit