Burp Suite User Forum
Hello. I'd like to request all requests once more with JSON data. There are methods to intercept requests and responses, but there seems to be no methods to build new requests. Also, I made an issue on GitHub. Can I check...
Hi, I'm new to Burp, hoping someone can help me out. I'm trying to record the login to an internal http company website. This website requires domain credentials before displaying anything. Because of this Burp doesn't start...
I can't see the list price and the card number in the burp suite community edition how can I see this please explain me. I am trying in Flipkart website but not showing this price and card number also I want to change my...
Hi all, I'm developing an extension utilizing the new Montoya API. I'm registering an HTTP handler as is done in the API examples: Registration headerHandler = api.proxy().registerRequestHandler(new...
When I am forwarding the file upload request and response to upload scanner , it get crashed and throws error " unable to generate automatic log report" I am able to forward request- response to upload scanner and start...
Although I was able to solve the 'CL.0 request smuggling' lab, I have not been able to make the 'HTTP Request Smuggler' extension find the flaw (or its location) when performing the probes. - I have attempted to target the...
Hi, Does IscanIssue or any other class/method expose functionality to change the default issueDetail writeup for parent findings (findings with multiple instances). Use case: My extension searches for specific strings...
An unknown object 'burp.tn5' is being passed into consolidateDuplicateIssues method which is causing the following exception to occur. I am unable to figure out the reasoning. I have provided snippets of code to assist...
When calling the Extender by selecting a request already obtained in Burp's http history, I want to reflect the Highlight and Comment set in the Extender to the selected request. Can I do that with setHighlight and...
Does anyone encounter this issue? When I select 'Launch all scans' with 'http request smuggler' extension, then I am able to see the full windows. That means I can't even see the 'ok' button and have no way to click on it....
I am trying to add a custom tab for requests using IMessageEditorTabFactory and IMessageEditorTab in python. I am trying to get details of the request and check if the URL is in scope or not and it shows a tab for the scope...
Hello! I'm using websocket handlers in my extension, and all binary messages (passed to me as bytearrays) I receive are truncated to 4096 bytes. Obviously this breaks functionality in my extension when the server sends...
Hi there! I'm currently working on a Burp extension that uses the Montoya API. I need to send multiple HTTP requests to the Burp Repeater, and it would be great if I could create a new tab group using the Montoya API....
Hello, trying Burp Academy and catch the issue with above extension, by simply pushing Extensions > HTTP Request Smuggler > Smuggle probe and error message pane I can see: Establishing 1 connection to...
Hello ! I would like to develop a custom BurpSuite Enterprise Extension in Java but I encounter some issues using my JAR file. It is successfully loaded in Burp but when fails to run when I launch a new scan using it. I...
java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.c8o.<init>(Unknown Source) at burp.ba0.a(Unknown Source) at burp.ctj.lambda$panelLoaded$0(Unknown Source) at...
Hello, i have burp pro and i want to scan (deep) a web https site that is working only on low Resolution like Mobile. In Proxy - Options - we have the feature Match and Replace, i choose (V) the default option of user...
Hello, I'm working on a burp extension. I have this error when I try Burp Extension with LineBorder class. I'm using Jython 2.7.3 this is the error message. from java.awt import BorderLayout, Color,...
Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions...
Hi, Is there any extension, which can be invoked using the session handling rule: "invoke a Burp Extension", which can replace or update any cookie value? Thanks, Arpit
Page 3 of 40
Your source for help and advice on all things Burp-related.