Burp Extensions

XML tab "Reparse" Programmatically

Hi, I would like to know how the "Reparse" button in the request/response "XML" tab reformats XML documents programmatically via Java. Specifically, I am wondering what library(s) are used for this. I am asking for the...

Extension load error code

os win 7 java.lang.ExceptionInInitializerError at org.python.util.PythonInterpreter.<init>(PythonInterpreter.java:100) at org.python.util.PythonInterpreter.<init>(PythonInterpreter.java:94) at...

Extensions are not loading with Burp defaults

Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions...

IMessageEditorTab check Tool

I'm trying to create a simple jython extension to run a regex against the HTTP response and extract key fields into a new IMessageEditorTab. Is there anyway in IMessageEditorTab.isEnabled or...

Burp Extension for Intruder Payload with multiple payload lists

Hi, I am working on creating a extension for burp suite where a user can choose from a list of payload lists [one list for angular payloads, one list for react payload] according to the framework of the application he is...

IContextMenuInvocation - getSelectedMessage of original request / response

Hi I have added a custom context menu item, which reads the selected text of the currently open request / response. So far so good, however in the history view of Burp, when i have three tabs, i can only differentiate...

Burp Suite Automation

Hi All We are trying to automate to test various vulnerabilities like xpath injection,sql injection, Cross-site scripting etc. We have referred the following link...

Send to decoder programmaticaly from extensions

There are methods in IBurpExtenderCallbacks for sending data to - repeater, - intruder, - comparer, and - spider. Why isn't there one for decoder? When writing a custom message editor with a custom editor...

buildParameter not working

I built the HttpRequest using buildHttpMessage method and trying to add Cookie and Body param using LegacyBurpExtender.getInstance().getHelpers().buildParameter and addParameter and updateParameter methods and it is not...

Burp Enterprise Edition/Pro Edition can be integrated with Microsoft Team Foundation Server 2017?

Hi Burp Team, Currently we are evaluating the trial version of Burp Enterprise edition tool for security testing in our organization. The requirement is to integrate Burp Enterprise Edition/Pro Edition with Microsoft Team...

Scan Summary Report into Jenkins

I am currently running scans using burp enterprise from Jenkins. The scan completes and a report is available on burp enterprise server. But how do I get this report to be displayed in Jenkins?

AMF

What is the current state of AMF support within Burp and Burp plugins? Searching through old support post most AMF support seems very outdated. I'm using Pro 1.7.30. I've tried Blazer. It throws a null pointer...

BLAZER

Hi, I am testing a Flash application, I cam across AMF and Blazer extender. I would like to test AMF using Blazer, I am looking for a tutorial or some documentation for how to use Blazer. It would be great if you could help...

burp command line

Hi, I would like to bring up BURP using command line (without any GUI) for automation. Is there a way to bring it up without a project file? If I do not specify the project file on the command line, it will bring up GUI...

Old version of AutoRepeater in the BApp store

Hello, extension AutoRepeater is available in the BApp store as version 1.0 from April, 4th 2018. The latest commit from the original repository https://github.com/nccgroup/AutoRepeater was on July 27th, 2019. Any...

Add Custom Headers stopped to work.

Hi Guys! Any changes in Add Custom Headers extension? It stopped to work on Linux/Windows/1.7 and 2.X Burp versions. (:

Trouble integrating requests python library and jython

Im currently building a burp extension using Jython. At one point I basically get URLs from the proxy Tab and make an additional request with that url+someEndpoint with the Python Requests library. The extension works...

Headless burp authenticated scans

How can I perform an authenticated scan using headless burp?

CO2 extension

Hello, may I know whether it is free to install the co2 extension in burp suite professional? thanks

Can I Dynamicly Proxy a Https Request in Burp Extention?

I am writing a random ip proxy extention to handle the problem of bloking ip when exceeding target's request rate limit.But i fount the setHttpService isn't work when the request is https.what can i do now? only open burp...