Burp Suite User Forum

Login to post

burp-batch-report-generator for Enterprise

Does anyone know of an extension for BSE that will allow us to generate and download reports for multiple scans at once? If we have a folder with many scans, is there a way to download reports for all Completed scans...

Last updated: Sep 08, 2022 08:07AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Is there any way to run another scan profile instead of "doActiveScan" on a extension?

Is there any way to run any other Burp Scan profile like "Audit checks - medium active" instead of "doActiveScan"?

Last updated: Sep 07, 2022 02:28PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Network Protocol Error

Hello Team, We are doing assessment for one of our internal application. However, whenever we try to intercept the traffic through BurpSuite, application is inaccessible with error: Network Protocol Error. For other...

Last updated: Sep 07, 2022 12:11PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

How to add a shortcut of extension feature

Hello Using the context menu for "https://github.com/portswigger/copy-request-response" every time feels lazy to me. I want to use extension's context menu by shortcut but i can't find related feature in burpsuite...

Last updated: Sep 07, 2022 05:29AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Burp Intruder Usage

Is is possible to run intruder in such a way that i could set some time delay of like 30 secs or a minute after a specific number of requests..For example let's say I'm running intruder with 100 payloads that generates 100...

Last updated: Sep 05, 2022 09:29AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

http request smuggle (http/2 smuggle probe)

The h2.cl request smuggling lab is straight-forward when performing manually. However, want to make sure the extent to which i can rely on the extension and scanner for detection. When i run the http/2 smuggle probe it...

Last updated: Aug 30, 2022 03:52PM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Burp Intruder consuming all RAM memory

When using Turbo intruder for brute force attack with 29 million passwords, the extension consumes all ram memory in few hours. My laptop has 32GB of RAM. What would be the problem? Why does the turbo intruder store...

Last updated: Aug 30, 2022 11:42AM UTC | 3 Agent replies | 3 Community replies | Burp Extensions

addCustomeHeader is not available in rules dropdowwn to select

Hi Team, I have added custom headers in addCustomHeader extention and trying to integrate with session by tagging it to Rules. But when i tried to select extention, its not available in dropdown. Thansk

Last updated: Aug 29, 2022 10:50AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Failed to Upload Active Scan ++ in Burp Enterprise Edition

I want to add the active scan++ extension to my Burp Enterprise Edition. I've downloaded the active scan++ bapp file from the Bapp store. While trying to add/upload this file in extensions, it says 'Unsupported Bapp...

Last updated: Aug 29, 2022 07:46AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Burp Suit Professional 2022.3.1 is not supporting HTML tag

Hi team, We have one extension in which we have used HTML tags at different places to add color, font and other html features. Our extension was working fine with Burp Suite 2022.2.4 but after we upgraded to the newer...

Last updated: Aug 26, 2022 05:37AM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Formatinng scanIssue

Hi, I am new to writing extensions in Burp and was just wondering how I can format the scan issues. With the Issue Detail I would like to colour code parts of the message, but whilst the API mention it accepts limited...

Last updated: Aug 25, 2022 10:23AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Scan Configuration

I am building an extension that calls doActiveScan and doPassiveScan. Is there a way to specify the scanner configuration. Currently tasks are created and there is a default scanner configuration used named Current auditing...

Last updated: Aug 18, 2022 08:24AM UTC | 9 Agent replies | 10 Community replies | Burp Extensions

Lab: Exploiting HTTP request smuggling to bypass front-end security controls, TE.CL vulnerability

Good morning, The following request in the provided solution did work for me but I don't understand how it's calculated. POST / HTTP/1.1 Host: aca11fb21f25e1e3803a19b400f90012.web-security-academy.net Content-Type:...

Last updated: Aug 17, 2022 02:49PM UTC | 2 Agent replies | 4 Community replies | Burp Extensions

About audit and how to judge start and end

Basically, I select one request from the history tab, run the audit, and then start auditing the next request after it finishes. I want to play a sound to notify when Audit (doActioveScan) starts and when Audit...

Last updated: Aug 15, 2022 08:57AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Extensions Load Error

Hello, While installing java or ruby related plugins, plugins with python do not load and give an error message. I tried to download from the bapp store is not installed. Burp Suite Professional 2021.10.3 OS:...

Last updated: Aug 15, 2022 08:25AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Burp Cookie Jar cookies not applied to requests for any tool

I am currently writing a Java based Burp Extension in order to navigate a complicated authentication system. I found that the macro recorder and other methods built into burp could not handle it, so I resolved to the...

Last updated: Aug 03, 2022 10:15AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

URI as insertion POINT

Hi, I am curious if we can insert out payload inside URI, We have multiple insertion points but all those are related to parameters and there is no insertion point returned for URI while BurpSuite ActiveScan does check...

Last updated: Jul 28, 2022 08:48AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Burpsuite API: is it possible to change the Socks/HTTP proxy settings through it?

Hello, All's in the title! I have been trying to figure out how to do these things but I could not find any documentation regarding them. Any help would be appreciated.

Last updated: Jul 27, 2022 11:05AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

burp theme change

if anyones got irritation in eyes looking at white burp for a long time then---> https://github.com/CoreyD97/BurpCustomizer/releases download the jar file and open extender and add the extension and u can change the theme...

Last updated: Jul 25, 2022 10:08AM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

AMF

What is the current state of AMF support within Burp and Burp plugins? Searching through old support post most AMF support seems very outdated. I'm using Pro 1.7.30. I've tried Blazer. It throws a null pointer...

Last updated: Jul 20, 2022 04:57AM UTC | 2 Agent replies | 5 Community replies | Burp Extensions

Page 4 of 37

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image