Burp Extensions - Page 4 - Burp Suite User Forum

Param Miner Rate Limit

Is there a way to rate limit the Param Miner extension when it is installed in Burp Community? You cannot use the Distribute Damage extension for this purpose as it cannot be installed in Burp Community.

I cannot install Hackvertor

I am doing this lab SQL injection with filter bypass via XML encoding. You recommend to install Hackvertor. I cannot install Hackvertor. It says installing and it stays in grey. Please help. Are there another...

Want to View Requests and Responses Simultaneously in Intruder

I've managed to view both requests and responses simultaneously using the following code, but it becomes cumbersome when redirects occur, as it doesn't display the initial request and response. Is it possible to develop an...

Ignore Macro for certain scan

I am currently working on developing a Python extension for active scanning. This extension has the ability to perform various types of scans, and as long as the user has configured macros, there are no issues with the...

Which extensions to use?

I want to perform basic vapt scanning on a domain or subdomains. So which are all the extensions that i can use for basic scanning.

Can We Implement a "Create New Group" API to the Montoya API?

Hi there! I'm currently working on a Burp extension that uses the Montoya API. I need to send multiple HTTP requests to the Burp Repeater, and it would be great if I could create a new tab group using the Montoya API....

Dynamically inserting client certificate

I've created a python extension to scan replies from a certain url for a certificate, and then save it to disk and run a command to convert it to pfx. This all works, I can then manually load it into the Project Options ->...

Cannot clean up configuration

Hi - I added the reshaper BApp, played around with it, and added a Rule for WebSockets containing an "unacceptable code point '–' (0x96)". Now on Loading the extension again (auto on startup or manually) I get an Error...

Extension driven passive audit

I have recently started seeing "Extension driven passive audit" automatically get created while I am testing. I checked the forums and prior release notes and didn't see any good answers to my questions. So here they...

gradlew error - HTTP Request Smuggler

Hi portswigger, When i run this command(gradlew.bat build fatjar or ./gradlew build fatjar), I get this erorr: ``` C:\Users\xxx\Desktop\http-request-smuggler-75a40815a944391bfbefe9c8b70faec1fae3ea21>gradlew.bat build...

Calling Logger through Montoya?

Hey there, I'm trying to create an extension which has a listener attached to the Burp Logger. Every time new requests/responses are logged, the extension will look through the new requests/responses and save the...

Montaya extension examples

For the old API (weiner) there was example in java, python and ruby. For the new montaya API there are only examples in java. Please add examples in python and ruby too.

Python Extension Loading Errors

I'm encountering this issue with all Python extensions from the BApp store and my personal extensions. This started to happen after a burp update at some point. I'm currently running 2023.10.3.4 but this started to happen...

HTTP Request Smuggler CLI

Hello portswigger, I want to use the HTTP Request Smuggler extender as cli, how can I do it? Regards.

Multiple IMessageEditorTab

I am working on creating two IMessageEditorTabs, one for requests and the other for responses. I know that I could use just one IMessageEditorTab and check whether the message is a request or response inside it. However, I...

Log4jShell scanner removed? Does Active scan++ supports Log4jshell?

Hi, Any reason why Log4jShell scanner extension is removed from BApp Store? Also, since Log4jShell scanner removed, does for all the below variants are supported by Active scan++ Feature Log4Shell scanner (this...

I can't install Highlighter and Extractor extension

Hi! I have a problem with the "Highlighter and Extractor" extension, it happens that when I want to install it from the BApp Store or manually, it gives me the following error: java.lang.Exception: Extension class is not...

Batch Scan Report Generator - faild to create reports

After the new Burp Professional upgrade version 2022.9.5, Batch Scan Report Generator is failling to create reports. The plugin print the message "Report Generation Complete!" but it it doesn't saved the report to the...

Montoya API: Burp 2023.10.2.4: java.lang.Exception: Extension class is not a recognized type

I have created a helloworld extension using the Montoya java code and getting the below error when I try to load (exported runnable jar: helloworld.jar) it in Burp UI: java.lang.Exception: Extension class is not a...

Error in JRuby extension in newest Burp versions

Hello, I've started to get errors in JRuby extension starting from v10 of Burp Community Edition (MacOS M1). JRuby version is 9.3.11.0 The error is raised when 'net/http' library is used. The error...