Burp Suite User Forum

Login to post

How to make a new HTTP request using the Montoya API

Hello. I'd like to request all requests once more with JSON data. There are methods to intercept requests and responses, but there seems to be no methods to build new requests. Also, I made an issue on GitHub. Can I check...

Last updated: Jan 20, 2023 11:20AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Burp does not record website login

Hi, I'm new to Burp, hoping someone can help me out. I'm trying to record the login to an internal http company website. This website requires domain credentials before displaying anything. Because of this Burp doesn't start...

Last updated: Jan 20, 2023 09:35AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

How to i see the listing price and card number in the shopping websites

I can't see the list price and the card number in the burp suite community edition how can I see this please explain me. I am trying in Flipkart website but not showing this price and card number also I want to change my...

Last updated: Jan 19, 2023 09:06AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Temporarily deregister and reregister a Registration?

Hi all, I'm developing an extension utilizing the new Montoya API. I'm registering an HTTP handler as is done in the API examples: Registration headerHandler = api.proxy().registerRequestHandler(new...

Last updated: Jan 16, 2023 11:40AM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Upload scanner " crashed while testing file upload functionality

When I am forwarding the file upload request and response to upload scanner , it get crashed and throws error " unable to generate automatic log report" I am able to forward request- response to upload scanner and start...

Last updated: Jan 16, 2023 06:43AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

HTTP Request Smuggler - vs - LAB: CL.0 request smuggling

Although I was able to solve the 'CL.0 request smuggling' lab, I have not been able to make the 'HTTP Request Smuggler' extension find the flaw (or its location) when performing the probes. - I have attempted to target the...

Last updated: Jan 15, 2023 10:57AM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

Change default Issue Detail writeup for parent issue

Hi, Does IscanIssue or any other class/method expose functionality to change the default issueDetail writeup for parent findings (findings with multiple instances). Use case: My extension searches for specific strings...

Last updated: Jan 10, 2023 09:21AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Unknown object 'burp.tn5' causing AttributeError in consolidateDuplicateIssues method

An unknown object 'burp.tn5' is being passed into consolidateDuplicateIssues method which is causing the following exception to occur. I am unable to figure out the reasoning. I have provided snippets of code to assist...

Last updated: Jan 09, 2023 04:36PM UTC | 1 Agent replies | 2 Community replies | Burp Extensions

Set highlight and Set comment

When calling the Extender by selecting a request already obtained in Burp's http history, I want to reflect the Highlight and Comment set in the Extender to the selected request. Can I do that with setHighlight and...

Last updated: Jan 09, 2023 10:44AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

How to resize the http request smuggler when you select 'Launch all scans'?

Does anyone encounter this issue? When I select 'Launch all scans' with 'http request smuggler' extension, then I am able to see the full windows. That means I can't even see the 'ok' button and have no way to click on it....

Last updated: Jan 05, 2023 07:25AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

IMessageEditorTab only for scope URL

I am trying to add a custom tab for requests using IMessageEditorTabFactory and IMessageEditorTab in python. I am trying to get details of the request and check if the URL is in scope or not and it shows a tab for the scope...

Last updated: Jan 04, 2023 04:05PM UTC | 3 Agent replies | 3 Community replies | Burp Extensions

WebSocket messages being truncated to 4096 bytes

Hello! I'm using websocket handlers in my extension, and all binary messages (passed to me as bytearrays) I receive are truncated to 4096 bytes. Obviously this breaks functionality in my extension when the server sends...

Last updated: Jan 04, 2023 03:03PM UTC | 2 Agent replies | 0 Community replies | Burp Extensions

Can We Implement a "Create New Group" API to the Montoya API?

Hi there! I'm currently working on a Burp extension that uses the Montoya API. I need to send multiple HTTP requests to the Burp Repeater, and it would be great if I could create a new tab group using the Montoya API....

Last updated: Jan 04, 2023 01:39PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

HTTP Request Smuggler, invalid poc type

Hello, trying Burp Academy and catch the issue with above extension, by simply pushing Extensions > HTTP Request Smuggler > Smuggle probe and error message pane I can see: Establishing 1 connection to...

Last updated: Jan 03, 2023 04:45PM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Burp Enterprise Extension Development Environment

Hello ! I would like to develop a custom BurpSuite Enterprise Extension in Java but I encounter some issues using my JAR file. It is successfully loaded in Burp but when fails to run when I launch a new scan using it. I...

Last updated: Jan 03, 2023 11:33AM UTC | 4 Agent replies | 3 Community replies | Burp Extensions

cannot load burp python extensions

java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.c8o.<init>(Unknown Source) at burp.ba0.a(Unknown Source) at burp.ctj.lambda$panelLoaded$0(Unknown Source) at...

Last updated: Jan 02, 2023 10:21AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Match and Replace "user agent" to match Mobile phone is not working

Hello, i have burp pro and i want to scan (deep) a web https site that is working only on low Resolution like Mobile. In Proxy - Options - we have the feature Match and Replace, i choose (V) the default option of user...

Last updated: Dec 28, 2022 03:14PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Jython ImportError: cannot import name LineBorder

Hello, I'm working on a burp extension. I have this error when I try Burp Extension with LineBorder class. I'm using Jython 2.7.3 this is the error message. from java.awt import BorderLayout, Color,...

Last updated: Dec 28, 2022 02:45PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Extensions are not loading with Burp defaults

Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions...

Last updated: Dec 23, 2022 09:54AM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

Replace/Update Cookie

Hi, Is there any extension, which can be invoked using the session handling rule: "invoke a Burp Extension", which can replace or update any cookie value? Thanks, Arpit

Last updated: Dec 22, 2022 05:08PM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Page 3 of 40

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image