Burp Suite User Forum
I have installed carbonator,java and jython. I have configured proxy, upstream proxy and intercept to be turned off. The same configuration is saved and I m using this in commandline. java -jar -Xmx2g...
Hi, I need to use the IResponseVariations for an extension. I enumerated the attributes using the getVariantAttributes and getInvariantAttributes but I'm not sure on the meaning of all the attributes/attribute...
I have had success in the past using this extension to parse out operations associated with a web service and generates SOAP requests that can then be sent to the SOAP endpoints. However, with Burp v 2020.9.2 on Windows,...
Hi, I am working on an extension which has its own tab, it uses regex to search for a specific pattern in an HTTP response. I want to notify the BurpSuite user once the pattern is found, just like what `Proxy` tab does...
I'm dealing more and more with websockets: is there _any_ way to modify requests on the fly? I'm not afraid of writing a custom extension or fiddle with scripting my own tools. FWIW, if you provide some guidance, I could...
What does portswigger do in terms of reviewing submitted extensions for safety. Malware/virus scan? Code review? Static/dynamic security analysis? Or are they offered as "use at your own risk"?
Hi, I have just stated an unauthenticated scan for one of our website which is accessible through internal VPN only. since last more than 1 hour, I can see that Burp has got stuck on " Unauthenticated crawl. Estimating time...
Hi guys, I am trying to create an extension that adds a tab to the message editor where I need to access request values like the url in the response tab. As far as I know this is done using the getRequest method of the...
Is there a way to send extension request through the proxy? I would like to add the output of one extension to the proxy history. Thanks.
Good morning, The following request in the provided solution did work for me but I don't understand how it's calculated. POST / HTTP/1.1 Host: aca11fb21f25e1e3803a19b400f90012.web-security-academy.net Content-Type:...
Hi, Created a new burp extension for intruder. With this extension users can use Hashcat Maskprocessor arguments to create a bruteforce attack. If this code fits in "BApp Store" here is my...
Has anyone noticed an issue with Param Miner not able to find the headers required for this lab? Not sure if it's my Param Miner, my Burp, or the lab itself. I've tried by disabling nearly all the other extensions, but my...
Hello, For an extension I'm developing, I'd like to have the getter counterpart of setProxyInterceptionEnabled(), that would return either the proxy is enabled or not. I'm not able to find it anywhere, neither another...
Hi Portswigger people I have written an extension to automatically perform a variety of manipulations on URL paths, send a modified request and then check the response. For example, add various additional extensions to...
as the title says,idont known how where to find the burp moudle
Please refer to the following stack trace: Traceback (most recent call last): File "C:\Users\..\plugin.py", line 15, in <module> from Crypto.Cipher import PKCS1_v1_5 as Cipher_PKCS1_v1_5 File...
Hello Guys ? i am using burp suite pro 2020 , some of my extension are not displaying like office xml editor, please help me
Hi, I am using Burp Suite Pro v2.1.04, when I use Turbo Intruder Extension(which is working very good) and send 500+ Requests per Second sometimes burp's suite memory becomes full, 225mb and it hangs. Is there any way to...
I am done creating my extension and making it look a little presentable and organized. I have been look for ways to set the background color of a JPanel when using a jpanel and calling the callback.CustomizeUiComponents...
Issue : In Our application we are using cookie lastAccesTimeForCurrentSession to validate the session. Previously we were not using the SameSite attribute in Cookie, Now we started using SameSite with Strict mode. Browser...
Page 3 of 24
Your source for help and advice on all things Burp-related.