Burp Extensions - Page 4 - Burp Suite User Forum

request().url() return value inconsistent

While working on an extension I came across an odd behavior but I'm not sure if it's expected or something with my extension code. It looks like for some reason, the HttpReuqestResponse.request().url() returns different...

sqlpyi

Hi I am trying to install sqlpyi but its not working , i tried many things but its showing sqlmap api is not running.I am using window machine. Colud you help me for this issue. Below some error when i tried to run...

api to toggle request method and body encoding

Hello Is there some api support to toggle http request? I konw the toggleRequestMethod can be use to toggle method from GET and POST，is there some one support toggle param to mutipart param in montoya api(like use it in the...

Are Jython extensions deprecated?

Hello, I was looking into writing an extension, and all of the current documentation seems to indicate it should be done in Java via the new Montoya API. Is Jython support going to go the way of the old extender API?...

How to limit binary response size

Hello I'm developing my extension to scan some backup file, like test.zip.But it will affect the performance when a large binary file be found.Is there some setting or some advices to limit the size of response in burp...

Global keyboard shortcut

Hi, I am writing an extension where it needs to access HttpRequestResponse object attached to currently focused editor from proxy, repeater, intruder tabs etc. I know context menu has this object encapsulated in event...

Fetch selected HTTP request/response without ContextMenu

Hello, thank you for your efforts on Burp's cool MontoyaAPI. I am currently developing an extension, and I would like to retrieve selected HTTP requests or responses from the Proxy History table or any other...

Persistence Ballooning Files

Hi, An extension I've built uses Montoya Persistence quite a lot. I previously ran into an issue where Burp files were ballooning because I was creating new lists every time I needed to save a new item to a list. I...

Get Only Selected Requests in Proxy History

I'm writing an extension using Montoya API. It needs to look at items in the proxy history and do some analysis. I see there is a method to get filtered items: List<ProxyHttpRequestResponse> history(ProxyHistoryFilter...

Using Hackvetor

Good day, in the solution for lab 17, how do we know the xml entity to use is "hex_entities" because there are more than 20 other entities we could use to encode. thank you.

Crawl.statusMessage in Montoya API is "Not yet implemented"

In a project I'm working on, I am trying to automate the scanning of a target in Burp Suite Professional. Because existing solutions like https://github.com/NetsOSS/headless-burp are old and have deprecation issues, I am...

How can i use global variable like fucntionality in burp repeater

I have a request in repeater and i want to store some values from this request as a global variable so that i can use them in other requests. it could be like in a key-value pair and stored in a seprate tab of extension...

Private Burp Collab Server Only Failing 'Verify DNS Interaction"

Hello, I am running into an issue where all checks are successful aside from DNS Verification. I have confirmed my config multiple times, but am still running into the same issue each time. I am using the server...

Getting the highlighted text in a HttpRequest or Response

Hey, Is it possible with Montoya or any other method in Java to get the highlighted text of a Request/response? I'm wanting to pass/get some highlighted text into a contextmenu event. Appreciate any help!

Folder for loading libraries/modules doesnt seem to work

"java":{ "folder_for_loading_library_jar_files":"path" }, "python":{ "folder_for_loading_modules":"path", "location_of_jython_standalone_jar_file":"path_jython" } This doesn't seem to take effect. I have taken...

Difference in response when active scan initiated via "BURP REST API Extension" and "BURP UI"

Observed that when "Active scan" is initiated via 'Burp REST API Extension', there is no response obtained for a request. However, if "Active Scan" is performed via the 'Burp UI-> Right Click option ("Do Active Scan")' then...

BCheck SQLi bypass autentication

Hi Hannah, and all Can you answer something for BCheck, how can I check for vulnerabilities in the body of the POST request for example: ``` Content-Length: 33 Sec-Ch-Ua: "Chromium";v="121", "Not...

JUnit test with Burp Extensions

Hi, I'm developing a Burp Extension and want to add some testing. Is there a way to create IHttpRequestResponse objects manual? Or retrieve callbacks during a JUnit test, without starting Burp. I do not really know what...

Jual Dildo Alat Bantu Pria / Wanita Di Jakarta Timur 081211113961 Toko Dildo Jakarta Timur

TOKO ACONG : JUAL DILDO, JUAL ALAT BANTU PRIA WANITA Jual Alat Bantu Pria Dan Wanita Dengan Kualitas Terbaik Watshapp : 081211113961 No Hp Aktif : 081211113961 Biar kami kirim gambar yang sesuai yang...

Suitab Highlight when action is performed in ContextMenu

This is more for the aesthetics of the extension. In a native burp tab, if we sent anything from the context menu, for example : Burp Proxy "Send to Repeater", the "Repeater" tab will light up. So how can I also do...