Burp Suite User Forum

Create new post

Need info for creating custom intruder gui

Hello All, I am working on a extension development which has a requirement for custom UI for intruder tab with default intruder functionalities (i.e. the ui is only different, core functionality will be same as intruder...

Last updated: Jun 28, 2017 09:38AM UTC | 1 Agent replies | 2 Community replies | Burp Extensions

How to detect active and/or passive scanning activity is done

Hi, I need help on the Burp Extensions. I would like to generate customized issue reports once active and/or passive scanning activity is done. But how to get ScanQueueItem status or percentage in order to know if the...

Last updated: Jun 20, 2017 08:49AM UTC | 3 Agent replies | 4 Community replies | Burp Extensions

"ImportError: No module named os" with Headers Analyzer extension.

Hi, I'm running the latest Burp Suite Pro (1.7.23) on Kali Linux rolling 2017.1. After installing "Header Analyzer" extension i'm unable to start it. I get an error: #### Traceback (most recent call last): File...

Last updated: Jun 05, 2017 06:37PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

BurpSuite Professional 1.7.23 hangs during extensions loading

Hi, After upgrading my Parallels Kali 2.0 VM from BurpSuite Pro 1.7.21 to 1.7.23 I noticed that whenever I want to install and load new extension BurpSuite hangs and enters something like deadloop. I tried few things...

Last updated: Jun 05, 2017 10:52AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Does not having BS Professional license impact Burp Extender?

Question is quite specific enough, but to elaborate, I basically plan on writing something to visualize the sitemap better, and in a aesthetically-pleasing fashion. So obviously the only information I need access to would...

Last updated: Jun 05, 2017 08:06AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Extension for session handling not loaded

Hi, I use Extensions together with Makros and Makro-Postprocessing Extensions (for Session Management und Relogin). Generell the concept works. From time to time (every other our) I get alerts ("Configured Burp...

Last updated: May 25, 2017 12:54PM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

How do I highlight requests in a custom ITextEditor?

I am writing a extension that adds a IMessageEditorTab to each request that displays a modified HTTP body. The base of the code is very similar to...

Last updated: May 22, 2017 02:48PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Cannot import burp Extentions from python file

I'am trying to import IBurpExtender into my extention but I cant seem to import any of the API. I keep getting an import error. I cant figure out what is wrong. Traceback (most recent call last): File...

Last updated: May 17, 2017 02:57PM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

Setting up Burp Proxy

is there any way i can set up burp proxy and port programmatically using burp extender?

Last updated: May 16, 2017 07:20AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Override final ActiveScan values to insert custom payload?

Is there a way to override ActiveScan checks or the order of checks so a custom check is run last? I'm trying to detect a certain type of XSS attack in our application where we're using Selenium to detect if javascript...

Last updated: May 09, 2017 08:23AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Using IBurpExtenderCallbacks.makeHttpRequest at Background

I am trying to send 10 new requests after all requests generated by proxy. For that, I am handling requests in processHttpMessage method and sending requests with IBurpExtenderCallbacks.makeHttpRequest. It works but the...

Last updated: May 02, 2017 08:02AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

SAX2 driver class org.apache.xercer.parses.SAXParser not found

Hello friends I'm trying to parse XML from requests in my plugin but every time this error occours: java.lang.ClassNotFoundException: org.apache.xerces.parsers.SAXParser at...

Last updated: May 02, 2017 07:48AM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

IMessageEditor get selected Offset (similar to textEditor)

Hi Team I'm using an IMessageEditor object to create a combination of repeater and intruder. However, the function i am missing for IMessageEditor is the getSelectionBounds() (which exists for ITextEditor . What would be...

Last updated: Apr 28, 2017 01:53PM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

Custom Hotkey for Burp Extension

Dear Portswigger Team, Is it possible to register a hot key for an action provided by an extension? My use case is the following: I have created a new behaviour for "Send to Intruder" (default ctrl+i) and for this...

Last updated: Apr 24, 2017 09:33AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Intercept Burp's requests and set authenticated upstream proxy.

Hi, I want create an extension that will intercept and proxy Burp's requests. I noticed I can implement IHttpListener and override processHttpMessage() and set a new IHttpService for each request. The problem is...

Last updated: Apr 13, 2017 03:23PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Control of the Intruder Engine

Does the present version of burp suite provides any API to control the Intruder engine that means using custom scheduler and firing each packets. Every thing we found till now is to custom payload.

Last updated: Apr 13, 2017 03:22PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Issue Deserializing AMF messages with burpsuite

I am unable to deserialize AMF messages in response only. I am using the current version of Burpsuite. I have used both the builtin in AMF analyze and display option and the AMFDSer extension. They were only able to...

Last updated: Apr 11, 2017 06:34PM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

Possible Classpath Issues when using beansbinding (JSR 295)

Hi everyone I am currently trying to finalize my Burp Suite extension. To bind POJOs to the View (two-way binding) I am using beansbinding respectively betterbeansbinding (JSR 295). When I start my extension via NetBeans...

Last updated: Mar 24, 2017 12:27PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Auto-marking parameters in URL paths in intruder

The swurg extension allows parsing swagger json files into items in burp that can be then sent to intruder, repeater, or scanner. However, swagger json files allow for parameters inside URL paths. There seems to be no way...

Last updated: Mar 14, 2017 11:15PM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Binding proxy on custom port programmatically

In my extension i want to accept all requests on custom port (for example 1337). There is no actual server on my computer, just another tool in the Internet, which would send there requests. I thought about proxy listener,...

Last updated: Mar 13, 2017 11:49AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Page 41 of 49

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image