Burp Suite User Forum

Create new post

Burp extention: Use of 'Analyze Traget' in custom extender

Hi, Can I get data(Engagement Tool->Analyze Target) of a target URL in custom burp extension? Actually, I need the data before running the scanner. If I get the data in extension, I can log the values when the scanner...

Last updated: Sep 10, 2018 01:18PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Failed to load any python extension

Hi! I have a problem with loading any python base extension in burp. I downloaded a jyton-standalone-2.7.0.jar and also configured python environment in extender options but when I want to install any python base extension...

Last updated: Sep 07, 2018 02:20PM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

Burp Extension Loading hangs

Hi I'm trying to load some Burp extensions (Java/Jython), but the load hangs without any error or log messages. I'm using the latest version of Burp Pro 1.7.35, the extensions I'm trying to load are: HUNT scanner HUNT...

Last updated: Sep 05, 2018 09:20AM UTC | 3 Agent replies | 1 Community replies | Burp Extensions

Failed to import .py extension: OSError: [Errno 0] chdir not supported in Java

As the title says, I am facing this when trying to install Python extensions in Burp. Is it something related to jython environment variables? Thanks This is the complete traceback: Traceback (innermost last): ...

Last updated: Sep 04, 2018 03:39PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

burp.byc

I was wondering if you have any idea what could lead to the following python stack trace when using the makeHttpRequest Burp extension API? Traceback (most recent call last): File...

Last updated: Aug 31, 2018 11:25AM UTC | 4 Agent replies | 3 Community replies | Burp Extensions

Swagger Parser and Wsdler improvement

Hi Portswigger, I don't know if you already got a similar request. I would love to see a Burp Extension similar to Wsdler but for Swagger files (REST API testing) released. This would avoid having to chain Burp (and...

Last updated: Aug 23, 2018 11:35AM UTC | 1 Agent replies | 5 Community replies | Burp Extensions

Detection of outdated components

Dear all, How can I know if a specific component is outdated and will be detected or not by BurpSuite? In specific I had a complaint from a customer, we did not detect that primefaces 5.x is vulnerable (CVE-2017-1000486).In...

Last updated: Aug 13, 2018 11:01AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

How to affect URLs that show up in Target/Site Map

I am developing an extension to enhance the Target/Site Map filtering capabilities. Is there a way to intercept every Request coming into Burp to allow decision code that would determine if a URL will be displayed in the...

Last updated: Aug 03, 2018 04:26PM UTC | 3 Agent replies | 5 Community replies | Burp Extensions

failed to coerce [Lburp.IHttpRequestResponse; to burp.IHttpRequestResponse

Hi everyone. I writing burp extender code using Jruby. and... come in error :( Plz help me... [ Error ] failed to coerce [Lburp.IHttpRequestResponse; to burp.IHttpRequestResponse [ Code line ] def...

Last updated: Aug 01, 2018 08:35AM UTC | 0 Agent replies | 1 Community replies | Burp Extensions

Proxy PAC support

Hello there, A friend and I developed an extension in order to support proxy.pac files: https://github.com/vincd/burpproxypacextension The extension uses the proxy-vole library. Feel free to report bugs and ideas for...

Last updated: Jul 06, 2018 10:47PM UTC | 1 Agent replies | 3 Community replies | Burp Extensions

Burp Suite Professional License Update

Hi there, I am a new employee in IBM Ireland, i have got my Burp Suite professional License Key but i don't have the Professional Edition software(my Kali is Preinstalled with Burp Suite Community Edition) .Can you please...

Last updated: Jul 06, 2018 03:25PM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

Burp upstream proxy settings and setHttpService

Hello, I was wondering if you can help me with a few questions. I'm trying to dynamically set the upstream proxy depending on the current request and modify incoming response based on a set of rules. In that regards,...

Last updated: Jun 28, 2018 12:52PM UTC | 3 Agent replies | 4 Community replies | Burp Extensions

Automatically Change Response

Hi, I am currently developing a Burp plugin in python and do have a problem for which I don't have a solution. I basically want to automatically change the response but I do have a plugin in between that decodes my...

Last updated: Jun 28, 2018 12:42PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

SAXParser Dependency Delimma

Hi guys, I'm in the process of writing a Burp extension in Python, and one of the dependency libraries makes use of the "xml.etree.cElementTree" module to parse XML markup. The problem is that any call to the...

Last updated: Jun 21, 2018 04:24PM UTC | 7 Agent replies | 12 Community replies | Burp Extensions

Problem with burp extension to automate security checks of single sign-on

Hello, I'm currently trying to develop (jython) extension to automate some work with single sign-on protocols (like oauth, saml etc.). The main idea how it would work is: - Check requests if it's an sso request -...

Last updated: Jun 13, 2018 04:48PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

active scan is waiting

Hi, I am working on extension that will send the url to do active scan. I noticed the urls I sent are all in "waiting" and need me to manually click "resume". Is there a way to make it scan without manual...

Last updated: Jun 12, 2018 07:29AM UTC | 5 Agent replies | 7 Community replies | Burp Extensions

Counting the requests from extensions

Hi, I want to ask - when I use some extenders (e.g. Scan Check Builder), when I remove all the Active scan rules, apart from those coming from extensions, and I only have a single extension running. In the session tracer I...

Last updated: Jun 12, 2018 07:04AM UTC | 2 Agent replies | 0 Community replies | Burp Extensions

Extensions class loading

Hello, I was wondering if Burp supports class loading from extensions. What I am looking for is if an extension can be made available as an API and that API's classes be used from other extensions. Does Burp's API...

Last updated: Jun 11, 2018 07:21AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Load an extension headless

Hi, I'm trying to build an easy scanner server, and need to configure Burp to scan in headless mode. As we don't have a graphical interface installed on this server, I have to do all things headless. I would like to...

Last updated: Jun 04, 2018 10:20AM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

How to scan all urls of a webpage from command line.

Hi Team, I have used carbonate to san url from the command line where i can pass one url at a time and it scans the url and gives me the HTML report. Can i scan all the urls of a webpage from command line at a time....

Last updated: May 31, 2018 01:42PM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

Page 36 of 47

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image