Burp Extensions - Page 4 - Burp Suite User Forum

Headless-Burp Not Recognizing License

I'm currently trying to test out the capabilities of Headless-Burp with BurpSuite Pro, but when prompted for the license key, it responds with "The supplied license key was not recognized. Please try re-entering your license...

WebSocket API

I'm dealing more and more with websockets: is there _any_ way to modify requests on the fly? I'm not afraid of writing a custom extension or fiddle with scripting my own tools. FWIW, if you provide some guidance, I could...

How is the ProxyHistoryFilter used?

I am trying to use the new ProxyHistoryFilter API to filter messaged with custom logic. the general idea is to transform an encoded request/response body then use the user's supplied regex/text to search that. However, the...

Jython standalone 2.7.3 error

I downloaded Jython standalone 2.7.3 when I try to add it to Burp I get the following error: java.lang.Exception: Extension class is not a recognized type at burp.Z_0u.ZF(Unknown Source) at burp.Z_0u.ZW(Unknown...

installed extension macos

where can i find them pls

Extension is not following redirects.

Hello Team, Hope you guys are doing well. I 'm currently writing an extension for my burp suite but i 'm facing an issue related to following redirects properly in extension code. I 'm using Jython as development, and...

Create a multi-task extension

Hello, I would like to create a multi-task extensions, checking for a lot of different things such as header presence, injection, or even broken access control. In order to do it, I though need to separate things and I...

Chinese charset not display correctly in issue table.

Chinese charset not display correctly in issue table. I already set the correct charset in User Option-Character Sets. HTTP message and Extender output display Chinese charset with no problem. Only issue table not display...

Issue Dashboard does not support Unicode Character

Hi issue dashboard and the relative api is useful but it does not support unicode charater(like Chinese),do you have any plan to resolve it?

Failed to load Python interpreter from Jython JAR file

I installed the Autorize extension but I got the following error: java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.Zjqo.Zp(Unknown Source) at burp.Zy9.ZG(Unknown Source) at...

Burp File Size - Extension data vs Persistence

Hi, Im having some issues with Burp file sizes due to extensions, but I'm confused as to the cause. I have an extension I created that is causing Burp files to balloon to 20x their normal size. As this extension makes...

Failed to download Bapp File

I encountered an issue while attempting to install a plugin from the BApp store as the Bapp File failed to download. Interestingly, when I utilize the URL "https://portswigger-cdn.net/bappstore" in my personal browsers such...

Importing external JFreeChart library - ClassNotFoundException

Hi, I'm developing a Burp extension in Montoya, and I'm using the external JFreeChart library to implement some graphing functionality. I have added it as a dependency in the following way: In the project...

Turbo Intruder error

Hi everyone, I've just downloaded Turbo Intruder and was about to use it for the first time. I chose one of the easiest lab for this...

Why do my built in lists in Burp have {Base} in the payload and how do I use them?

So, in Intruder if I load certain built in payload lists (like the SQLi one), many of the requests have an entry like "{Base}' or 1=1--", however then the request is sent to the server like: GET /example.php?id=123{Base}' or...

Highlighting in the Text Editor

In newer versions of Burp, the text editor highlights the request and response. Now for extensions it would be nice to "hook" into this process or replicate it in the TextEditor. I've tried to add <html> at the start of...

Other Extension interference

Hey, I've written an extension that analyses an app's parameters. However, I come across an issue with other extensions such as log4shell everywhere adding the query parameter "action" to every request. I've played with...

Confirmation of payment for extension of license

Hi, I would like to inform you; we made a payment in total amount of 449,00 USD. Payment is still in process. Could you please give me contact (e-mail address) to whom I could deliver proof of made payment. Thank you in...

Burp Automation - Scanning for specific vulnerability

Dear, I want to write a burp extension in java, that will use burp scanner. Can we scan a request with specific (user defined) audit configuration in burpsuite professional. Like, extension will check if there is an id...

Manual Install of Burp Extension

Hi, I hope I didn't miss it anywhere on the website, but I couldn't find how to install a local Jython extension in Burp through the Manual Install-button in the BApp Store tab. The extension runs fine in...