Burp Suite User Forum
Hi folks, I am currently trying to learn the Burp Extensibility API using this example (in Java); https://github.com/PortSwigger/example-scanner-checks and getting stuck with something. With latest Beta version of...
Normally, the SAML Raider extension will populate a SAML Raider tab when you select a SAML request in the HTTP History. Now, instead of populating the tab, it simply says "failureInInitialization". Awesome. I'd attach a...
Burp render
Hi Portswigger Support! I'm interested in using an extension (in headless mode) to spawn an authenticated crawl while using the 2.x versions of Burp Suite Professional. In the 1.x versions, I would have done this by...
I am behind a corporate proxy environment using Ubuntu. Using the corporate proxy settings I am able to use Firefox to view websites as expected so Burpsuite should be able to display the BApp Store list under the Extender...
I'm trying to create an extension for scanner to specify multiple insertion points and also do some custom encoding on the payload from scanner. I'm attempting to use the following example along with the documentation to...
After upgrading to BurpSuite v2.0.13beta the SQLiPY extension fails to load with the following error: ImportError: signal module requires sun.misc.Signal, which is not available on this platform After rolling back to...
This is my first attempt at writing an extension. I would like to intercept certain requests, inspect them, and handle SOME of them BEFORE they are sent to the remote server. In other words, for certain requests, I would...
Methods IBurpExtenderCallbacks.{includeIn,excludeFrom}Scope make it possible to add/remove a specific URL to/from the scope. Is there a way to use these or any other API call to perform actions like those available on the...
Hi, The retire.js extension in Burp Suite Pro is not working. I do not see any feedback during passive scanning in either the "Target>Issue" or "Scanner>Issue activity" tabs. The firefox Retire.js plugin does show issues...
As per the subject, I was wondering if it is possible to access the command line (either windows or linux) through a Burp extension.
08 ?.?. 2019 01:09:36 GMT+07:00 ID ???????????: 9FC40466TM976523J ????????? ??? ayut intasut ??????????????????? $399.00 USD ??? PortSwigger...
Hello, I am trying to create an extension in which you can highlight single or multiple lines of text in the request or response tabs. I am having an issue when you add a “Graphic” to the IMessageEditor text area that it...
My intruder scenario is brute forcing uids that are calculated based date. Current intruder has date payload, that is superb for the job. Now i would like to process these dates with my custom extension that formes uid...
Hello, I wrote an extension that fails for one of my user throwing an exception: --- Traceback (most recent call last): File "E:\BurpSuite Settings and Extensions\Extenders\OurExtensions\Radar\main.py", line 220, in...
I have an input string which contains an ENDASH encoded using UTF-8 as: %E2%80%93 When I decode that in my extension with IExtensionHelpers.urlDecode(String input) I get: â?? However, the Java...
For one of my scan, I noticed that the scan threads request/response doesn't look like a actual captured request/response which were captured while crawling the application, Cookie part was removed from the requests for most...
I noticed that there's a method called saveBuffersToTempFiles() that says that it allows saving of HttpRequestResponse objects to a file. Is there anymore information on how to use this? I haven't been able to successfully...
Hi Guys, I have pro license for burp and I am using carbonator to automate my scan on windows. But as soon as the scan finishes, burp shuts down and I am unable to export the reports of scanner. Could you guys please...
I noticed that the javadoc for the Burp API is no longer accessible. Was this on purpose for the 2.0 beta? https://portswigger.net/burp/extender/api/
Page 36 of 48
Your source for help and advice on all things Burp-related.