Burp Extensions - Page 37 - Burp Suite User Forum

Issue in loading jython files to burp

hello, I am seeing errors when I try to load burp extensions jython format, below is the error I see: java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.cs3.<init>(Unknown...

how to pass a file with URLS to SSLScanner

Hi fellow Burp suite users, I am using the SSL Scanner extension with Burp Suite and I wander if anyone has a script that can read a list of URLs from a file and then pass one item at a time to the SSL Scanner, run the...

how to start burp with specific extension loaded?

Hi, I am doing burp automation test. I would like to know if there is a way to start burp with a specific extension loaded. I noticed that burp will start with the last configuration used. Is there a configuration file that...

What class/parameter makes the extensions be part of the scanner "Follow redirection when necessary"

Hi guys, I have an extension here and I am looking for a reflective value, although when I look at flow or logger++ the 302 is hit but never followed after the POST. Is there a special trick to have the extension...

Auditing not calling doActiveScan(...) method via Extensibility API

Hi folks, I am currently trying to learn the Burp Extensibility API using this example (in Java); https://github.com/PortSwigger/example-scanner-checks and getting stuck with something. With latest Beta version of...

SAML Raider "failureInInitialization" with BurpSuite 2.0.16 beta

Normally, the SAML Raider extension will populate a SAML Raider tab when you select a SAML request in the HTTP History. Now, instead of populating the tab, it simply says "failureInInitialization". Awesome. I'd attach a...

Burp suite render

Burp render

Burp 2.x: Create authenticated crawl from extension

Hi Portswigger Support! I'm interested in using an extension (in headless mode) to spawn an authenticated crawl while using the 2.x versions of Burp Suite Professional. In the 1.x versions, I would have done this by...

Extender Not Displaying Plugins / Can't Refresh

I am behind a corporate proxy environment using Ubuntu. Using the corporate proxy settings I am able to use Firefox to view websites as expected so Burpsuite should be able to display the BApp Store list under the Extender...

Burp scanner insertion point custom encoding

I'm trying to create an extension for scanner to specify multiple insertion points and also do some custom encoding on the payload from scanner. I'm attempting to use the following example along with the documentation to...

SQLiPy fails to load after upgrade to v2.0.14beta

After upgrading to BurpSuite v2.0.13beta the SQLiPY extension fails to load with the following error: ImportError: signal module requires sun.misc.Signal, which is not available on this platform After rolling back to...

Handle IInterceptedProxyMessage BEFORE it's sent to the server?

This is my first attempt at writing an extension. I would like to intercept certain requests, inspect them, and handle SOME of them BEFORE they are sent to the remote server. In other words, for certain requests, I would...

Scope manipulation API

Methods IBurpExtenderCallbacks.{includeIn,excludeFrom}Scope make it possible to add/remove a specific URL to/from the scope. Is there a way to use these or any other API call to perform actions like those available on the...

Retire.js not working

Hi, The retire.js extension in Burp Suite Pro is not working. I do not see any feedback during passive scanning in either the "Target>Issue" or "Scanner>Issue activity" tabs. The firefox Retire.js plugin does show issues...

Access command line through Burp extension

As per the subject, I was wondering if it is possible to access the command line (either windows or linux) through a Burp extension.

??????????????????? $399.00 USD ??? PortSwigger Ltd (mail@portswigger.net)

08 ?.?. 2019 01:09:36 GMT+07:00 ID ???????????: 9FC40466TM976523J ????????? ??? ayut intasut ??????????????????? $399.00 USD ??? PortSwigger...

Highlighting in IMessageEditor

Hello, I am trying to create an extension in which you can highlight single or multiple lines of text in the request or response tabs. I am having an issue when you add a “Graphic” to the IMessageEditor text area that it...

Custom payload processor / generator

My intruder scenario is brute forcing uids that are calculated based date. Current intruder has date payload, that is superb for the job. Now i would like to process these dates with my custom extension that formes uid...

Odd inconstancy in extension behaviour

Hello, I wrote an extension that fails for one of my user throwing an exception: --- Traceback (most recent call last): File "E:\BurpSuite Settings and Extensions\Extenders\OurExtensions\Radar\main.py", line 220, in...

IExtensionHelpers.urlDecode() not handling UTF-8

I have an input string which contains an ENDASH encoded using UTF-8 as: %E2%80%93 When I decode that in my extension with IExtensionHelpers.urlDecode(String input) I get: â?? However, the Java...