Burp Extensions - Page 37 - Burp Suite User Forum

Failed to load any python extension

Hi! I have a problem with loading any python base extension in burp. I downloaded a jyton-standalone-2.7.0.jar and also configured python environment in extender options but when I want to install any python base extension...

Burp Extension Loading hangs

Hi I'm trying to load some Burp extensions (Java/Jython), but the load hangs without any error or log messages. I'm using the latest version of Burp Pro 1.7.35, the extensions I'm trying to load are: HUNT scanner HUNT...

Failed to import .py extension: OSError: [Errno 0] chdir not supported in Java

As the title says, I am facing this when trying to install Python extensions in Burp. Is it something related to jython environment variables? Thanks This is the complete traceback: Traceback (innermost last): ...

burp.byc

I was wondering if you have any idea what could lead to the following python stack trace when using the makeHttpRequest Burp extension API? Traceback (most recent call last): File...

Swagger Parser and Wsdler improvement

Hi Portswigger, I don't know if you already got a similar request. I would love to see a Burp Extension similar to Wsdler but for Swagger files (REST API testing) released. This would avoid having to chain Burp (and...

Detection of outdated components

Dear all, How can I know if a specific component is outdated and will be detected or not by BurpSuite? In specific I had a complaint from a customer, we did not detect that primefaces 5.x is vulnerable (CVE-2017-1000486).In...

How to affect URLs that show up in Target/Site Map

I am developing an extension to enhance the Target/Site Map filtering capabilities. Is there a way to intercept every Request coming into Burp to allow decision code that would determine if a URL will be displayed in the...

failed to coerce [Lburp.IHttpRequestResponse; to burp.IHttpRequestResponse

Hi everyone. I writing burp extender code using Jruby. and... come in error :( Plz help me... [ Error ] failed to coerce [Lburp.IHttpRequestResponse; to burp.IHttpRequestResponse [ Code line ] def...

Proxy PAC support

Hello there, A friend and I developed an extension in order to support proxy.pac files: https://github.com/vincd/burpproxypacextension The extension uses the proxy-vole library. Feel free to report bugs and ideas for...

Burp Suite Professional License Update

Hi there, I am a new employee in IBM Ireland, i have got my Burp Suite professional License Key but i don't have the Professional Edition software(my Kali is Preinstalled with Burp Suite Community Edition) .Can you please...

Burp upstream proxy settings and setHttpService

Hello, I was wondering if you can help me with a few questions. I'm trying to dynamically set the upstream proxy depending on the current request and modify incoming response based on a set of rules. In that regards,...

Automatically Change Response

Hi, I am currently developing a Burp plugin in python and do have a problem for which I don't have a solution. I basically want to automatically change the response but I do have a plugin in between that decodes my...

SAXParser Dependency Delimma

Hi guys, I'm in the process of writing a Burp extension in Python, and one of the dependency libraries makes use of the "xml.etree.cElementTree" module to parse XML markup. The problem is that any call to the...

Problem with burp extension to automate security checks of single sign-on

Hello, I'm currently trying to develop (jython) extension to automate some work with single sign-on protocols (like oauth, saml etc.). The main idea how it would work is: - Check requests if it's an sso request -...

active scan is waiting

Hi, I am working on extension that will send the url to do active scan. I noticed the urls I sent are all in "waiting" and need me to manually click "resume". Is there a way to make it scan without manual...

Counting the requests from extensions

Hi, I want to ask - when I use some extenders (e.g. Scan Check Builder), when I remove all the Active scan rules, apart from those coming from extensions, and I only have a single extension running. In the session tracer I...

Extensions class loading

Hello, I was wondering if Burp supports class loading from extensions. What I am looking for is if an extension can be made available as an API and that API's classes be used from other extensions. Does Burp's API...

Load an extension headless

Hi, I'm trying to build an easy scanner server, and need to configure Burp to scan in headless mode. As we don't have a graphical interface installed on this server, I have to do all things headless. I would like to...

How to scan all urls of a webpage from command line.

Hi Team, I have used carbonate to san url from the command line where i can pass one url at a time and it scans the url and gives me the HTML report. Can i scan all the urls of a webpage from command line at a time....

Carbonate extender not scanning the url.

Hi , I am trying to run scanner and publish the HTML report from command line. I want the feature to integrate security testing in my devops environment. I have added the carbonate extender. I am running the command :...