Burp Suite User Forum

Create new post

burp hangs while shell command completes

Hello, I have an extension which calls a shell command that takes a bit to complete. After invoking this from the context menu, burpsuite hangs and resumes after the command completes. I have tried using threading to avoid...

Last updated: Sep 01, 2015 09:18AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

The scanner report size is not consistant for the same web site.

Hi we have a job (scheduled to run once a day) that invokes BURP (with carbonator extension) through cammand line. this setup is been working for quite a while. when we look at scanner reports we see that some days it is...

Last updated: Aug 12, 2015 01:18PM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

How to send a post request?

I read the document and know that we could use `makeHttpRequest` to send request. I've tried that if I used `PARAM_URL`, it success. I've read this thread...

Last updated: Aug 10, 2015 09:31AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

How Does Burp Handle Responses?

Hi, I hope this is not a duplicate question, but I couldn't find the response to it. I wonder if it is worth checking if the response I'm analyzing for the PDF Metadata Extension is actually a PDF file before reading the...

Last updated: Aug 10, 2015 08:20AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

How to transfer some domain’s requests to my server?

I use Burpsuite as a proxy, and I want to collect all the requests of some domain, then send these requests to my server . For example, I want to collect all the requests of [target.com]. When a request like below come...

Last updated: Aug 04, 2015 02:22AM UTC | 3 Agent replies | 4 Community replies | Burp Extensions

Running automated scans with Carbonator

We installed Carbonator from within the Burp scanner under the BApp store and ran the following command for as a test: java -jar Xmx2g c:\Users\Desktop\Burpsuite_pro_v1.6..21.jar https://www.google.com. We received the...

Last updated: Jul 31, 2015 08:13AM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

Re-writing responses

I am trying to write my first extension to add a csp header to the response. I have found several articles about adding headers to the requests but none for responses. This if my first try, which does not work. Any pointers...

Last updated: Jul 30, 2015 03:21PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Request and response time API must be implemented for logging functionality.

I have asked in Burp Suite User Forum about "Accessing the response time" for long time ago, and I am waiting for 1.5 years approximately, regarding to http://forum.portswigger.net/thread/686/accessing-response-time...

Last updated: Jul 17, 2015 07:28AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Adding POST request to site map also adds a GET for same URL

I have a simple class that implements IHttpRequestResponse and IHttpService. I use it to construct a IHttpRequestResponse object that is ultimately added to the site map using IBurpExtenderCallbacks#addToSiteMap. When...

Last updated: Jul 16, 2015 12:19PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

JRuby + Swing: Stderr doesn't go to UI until extension reload

Burp 1.6.20, tried JRuby 1.7.12 and 9.0.0.0.rc1. In registerExtenderCallbacks, I instantiate a class that creates a Swing UI for my extension's configuration. The config UI creates a DefaultTableModel to hold my config...

Last updated: Jul 07, 2015 07:56AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

VirusTotal Extention

Greetings- I've been writing an extension that will take a URL that is intercepted by burp and submit it to VirusTotal for analysis. Here is a snippet: def changeSelection(self, row, col, toggle, extend): ...

Last updated: Jul 06, 2015 10:45AM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

Issue with the IBurpExtenderCallbacks method removeHttpListener

I'm trying to remove a HttpListener that I have created. I noticed in the extender javadocs that there is a method called removeHttpListener, however the method doesn't exist in the IBurpExtenderCallbacks.java interface. I'm...

Last updated: Jun 26, 2015 08:39PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Python interface text control

Hi guys, I am reading the API documentation and i have not clean the funtion that i need to use for my question. Easy question, what API funtion i have to use for control the text portion selected from any part of...

Last updated: Jun 25, 2015 02:29PM UTC | 2 Agent replies | 2 Community replies | Burp Extensions

Supported Layout Managers

I've been noticing that when I use certain layout managers in my extension the extension no longer works. It doesn't throw any errors when I'm loading it, but it never creates its tab. What layout managers are actually...

Last updated: Jun 18, 2015 08:06AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Update the content of the Intruder attack window

I would like to intercept a request after an intruder attack is started. After the intercept, I want to modify the request and send them out. At the moment I'm trying it with a httpListener, but this does not update the...

Last updated: Jun 15, 2015 02:25PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Adding a header with ISessionHandlingAction

I have a super simple extension to just jack in a static header for an api authentication on a Backbone site. It doesn't work, and I don't know why. Anyone have any ideas? from burp import IBurpExtender from burp import...

Last updated: Jun 04, 2015 02:24PM UTC | 3 Agent replies | 5 Community replies | Burp Extensions

[python] registered callback 'performAction' never called

I want to use a python extension to calculate a custom header I need to read a header, url and body (in case of POST) and calc a SHA1. my code so far: https://paste.cybertinus.nl/p/u33AS8kCnT I double checked al...

Last updated: Jun 02, 2015 07:15PM UTC | 0 Agent replies | 1 Community replies | Burp Extensions

Burp plugin that does not launch Burp GUI

We want to write a plugin that runs certain Burp functions, but does so in the background, and without launching the Burp GUI. Is there a way to suppress the GUI while executing certain functions (e.g., Scan)? Please...

Last updated: Jun 02, 2015 01:17PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Design of Active Scanner plugin vs InsertionPoints

Hi all, I'm new to extending Burp and I wanted to add an active scanner plugin for XXE injection. Therefore I want it to take all post requests, change the content type to text/html and perform some xml entity queries...

Last updated: May 15, 2015 02:28PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Is it possible to get the request that originated a response from a MessageEditorTab?

Hi, Is it possible to get the request that originated a response from a MessageEditorTab? Im only adding the tab for the responses, I want to search a log file based on a request header and paste the log entry in the...

Last updated: May 11, 2015 10:30AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Page 49 of 50

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image