Burp Suite User Forum

Create new post

buildParameter not working

I built the HttpRequest using buildHttpMessage method and trying to add Cookie and Body param using LegacyBurpExtender.getInstance().getHelpers().buildParameter and addParameter and updateParameter methods and it is not...

Last updated: Oct 23, 2019 01:18PM UTC | 3 Agent replies | 1 Community replies | Burp Extensions

Burp Enterprise Edition/Pro Edition can be integrated with Microsoft Team Foundation Server 2017?

Hi Burp Team, Currently we are evaluating the trial version of Burp Enterprise edition tool for security testing in our organization. The requirement is to integrate Burp Enterprise Edition/Pro Edition with Microsoft Team...

Last updated: Oct 22, 2019 09:48AM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

BLAZER

Hi, I am testing a Flash application, I cam across AMF and Blazer extender. I would like to test AMF using Blazer, I am looking for a tutorial or some documentation for how to use Blazer. It would be great if you could help...

Last updated: Oct 14, 2019 03:31PM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

burp command line

Hi, I would like to bring up BURP using command line (without any GUI) for automation. Is there a way to bring it up without a project file? If I do not specify the project file on the command line, it will bring up GUI...

Last updated: Oct 10, 2019 09:59AM UTC | 9 Agent replies | 8 Community replies | Burp Extensions

Old version of AutoRepeater in the BApp store

Hello, extension AutoRepeater is available in the BApp store as version 1.0 from April, 4th 2018. The latest commit from the original repository https://github.com/nccgroup/AutoRepeater was on July 27th, 2019. Any...

Last updated: Oct 07, 2019 09:48AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Add Custom Headers stopped to work.

Hi Guys! Any changes in Add Custom Headers extension? It stopped to work on Linux/Windows/1.7 and 2.X Burp versions. (:

Last updated: Oct 03, 2019 12:07PM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Trouble integrating requests python library and jython

Im currently building a burp extension using Jython. At one point I basically get URLs from the proxy Tab and make an additional request with that url+someEndpoint with the Python Requests library. The extension works...

Last updated: Oct 03, 2019 08:12AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Headless burp authenticated scans

How can I perform an authenticated scan using headless burp?

Last updated: Sep 26, 2019 02:09PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

CO2 extension

Hello, may I know whether it is free to install the co2 extension in burp suite professional? thanks

Last updated: Sep 26, 2019 11:53AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Can I Dynamicly Proxy a Https Request in Burp Extention?

I am writing a random ip proxy extention to handle the problem of bloking ip when exceeding target's request rate limit.But i fount the setHttpService isn't work when the request is https.what can i do now? only open burp...

Last updated: Sep 23, 2019 01:50PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Making a custom extender interface

Hi to all! Im currently creating a burp extension and I was wondering if there was any way to make an interface for it (Not just print things into the extender console). I read something about some drag and drop feature...

Last updated: Sep 20, 2019 12:39PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Packing/Unpacking custom POST data format for Active Scans

I'm trying to write an extension to test a mobile API endpoint that uses a homebrew message level encryption format. Basically there is a pre-shared AES key between the mobile app and the server, and the JSON POST data gets...

Last updated: Sep 20, 2019 08:08AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

trigger an active scanning programatically

Dear burp team, From an extension I would like to firstly do an passive scanning. Once the application was scanned then I would like programatically for each (passive) request to do an active scanning. The goal of all...

Last updated: Sep 11, 2019 08:26AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Burp 2.0 extension-only audit

I have a local page that I use to test for LFI attacks, when I used to run active scan against this page in Burp 1.7.37, I get the attack detected by different extensions, e.g. J2EEScan. I tried to scan the same page in...

Last updated: Sep 09, 2019 06:35AM UTC | 4 Agent replies | 3 Community replies | Burp Extensions

Bapps folder and non BApp store extensions

Hey guys, I have a question on how Burp installs extensions from BApp store vs local extensions. It looks like for ones installed from the store, Burp stores them under the bapps folder. However for locally sourced ones,...

Last updated: Sep 04, 2019 09:14AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Accessing marker indexes from Intruder Payload

Hello Support, I am trying to grab the indexes from a user created Intruder payload but it doesn't seem like it is possible within the APIs. If I already have markers I can apply them to a IHttpRequestResponse object with...

Last updated: Aug 30, 2019 10:56AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Serializing IScanIssues

Hello Support Team, So I have created an implementation of IScanIssue but I am getting errors when trying to JSON encode the class like this: "java.lang.IllegalArgumentException: jdk.internal.ref.PhantomCleanable<?>...

Last updated: Aug 29, 2019 08:59PM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Packaging Burp Extensions

How are we supposed to package extensions that require both Java and Jython? I've an extension which uses 2 python projects and those 2 use python modules like six. How should I package it for distribution?

Last updated: Aug 29, 2019 09:43AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

how can I add the resulting of this a burp plugin to the sitemap?

Hi I made a burp plugin to convert get to post and post to get and it is working when I am scanning the web app but how can I add the resulting of this plugin to the sitemap? this is my burp...

Last updated: Aug 28, 2019 12:21PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Burp Extensions Distribution

Hello, Can you please help with the question at https://support.portswigger.net/customer/en/portal/questions/17629848-packaging-burp-extensions?new=17629848? Not sure if it's not answered as there is a reply post which...

Last updated: Aug 28, 2019 07:20AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Page 34 of 49

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image