Burp Suite User Forum

Create new post

CO2 extension marked by antiviruses as malware

The CO2 extension is considered malware by more AV/EDR vendors. I could not find a reason behind it and our EDR vendor did not share their reasons either. Do you have a clue what is going on here? The page for the...

Last updated: Nov 06, 2023 10:20AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Show changed responses from Extension in Repeater tab

Hello! I develop my custom extension (using Montoya API) which modifies request from the Repeater before sending it to the target host. It works great - in Logger I see all changes. But I am also want to see modified...

Last updated: Oct 30, 2023 02:37PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Time based request

Hi Team, Does burp suite has any functionality wherein it can revoke either an extension or a request after a certain period of time? Or any extension having the functionality wherein it can send a request after a...

Last updated: Oct 30, 2023 09:52AM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

Turbo Intruder - race-single-packet-attack.py Not queueing requests

Hello, I'm doing some research regarding James Kettle's single packet race conditions. I've tried his probe script as well as race-single-packet-attack.py but it doesn't actually queue the requests. The majority of...

Last updated: Oct 30, 2023 09:09AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Does Burp create a copy of an installed extension?

When developing a new extension, one has to install it multiple times. I noticed that Burp Suite will keep track of where the JAR is originally located when you add it as an extension. I was curious if it's possible...

Last updated: Oct 25, 2023 04:24PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Turbo Intruder: Script with randomly generated strings

The integrated Intruder is great, but I still wanted to use the speed of the Turbo Intruder for some tests in our fuzzy lab. The handling of the characterstrings to be generated has to be very flexible and this is what came...

Last updated: Oct 24, 2023 12:43PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Error Message: 'Configuration JSON Found' in Burp Suite Extension Loading

I'm using burpsuite pro v2023.10.3.1 and I'm currently facing an issue while loading extension on java and python enviroment. I can install java 18 in windows11 and i have loaded jython-standalone. When I attempt to load an...

Last updated: Oct 23, 2023 04:43PM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Turbo intruder has encoding base64??

Hi dear İ have a target it's login page encoded with base64 (user password) i easily could attacked successfully with intruder because it had payload rule that encoding credentials to base64 or hash or .... but in turbu...

Last updated: Oct 23, 2023 10:33AM UTC | 4 Agent replies | 3 Community replies | Burp Extensions

extension error when load in java environment

"I'm encountering an issue in Burp Suite where I receive a 'configuration JSON found' error message when trying to load an extension. Could you please help me diagnose and resolve this problem?" "I've come across an...

Last updated: Oct 23, 2023 09:04AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Single Connection in BCheck

I am creating a BCheck on Client-Desync and Request Smuggling and I need to be able to configure the BCheck to perform the requests in "Single Connection" mode but I don't see how to do it in the documentation.

Last updated: Oct 20, 2023 12:28PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Student license

Hello Burp Suite, I am a computer science student at the university Osnabrueck. I wanted to ask if it is possible to get a burp suite professional license for students. I really like to use your product but I can't afford...

Last updated: Oct 19, 2023 01:39AM UTC | 2 Agent replies | 3 Community replies | Burp Extensions

Custom Burp Extension Estimated System Impact

Can anyone explain how Burp calculates the "estimated system impact" for a custom (non-BApp) extension?

Last updated: Oct 18, 2023 03:48PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

ssl scanner not producing results other tools can

The SSL Scanner extension: https://portswigger.net/bappstore/474b3c575a1a4584aa44dfefc70f269d has not been able to scan many sites (mainly internal, so I cannot share) They are scanned properly by other ssl applications,...

Last updated: Oct 18, 2023 09:31AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Cannot see custom Python Extension

Hi. I have a custom Python script extension to delete Burp Cookies. However, when I loaded it in burpsuite, I can not invoke it the extension to run with Macros because it ddid not display for selection. The extension is...

Last updated: Oct 17, 2023 10:39AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

CVSS Score generate suite

Hi all, this is a big task for me is that without CVSS Score in reports in our organisation the stakeholders are accepting the reports so,please provide the root cause for this CVSS Score generation by using the extension

Last updated: Oct 10, 2023 09:43AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Checking which extension initiated the request in Montoya API

Hi, just like in the topic name - I have HttpRequestToBeSent object and would like to see which extension does it come from (for example - Param Miner specifically). Currently I only know how to check whether the request...

Last updated: Oct 09, 2023 10:53AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Using Montoya API How do I insert Text String into the Request Editor?

I have the context menu working... but I can't figure out how to insert some text. Looking for a Current java Montoya example of inserting Text into the Request Editor. Goal is to replace a selection, or simply insert...

Last updated: Oct 06, 2023 12:35PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

CVSS Score need to print in ths Report

Hi all, I am trying to generate report including CVSS score in theyou report so,could you please help me that how to add the CVSS Score extention into my burp suite professional tool,its an important task given by my...

Last updated: Oct 06, 2023 10:24AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

Turbo Intruder ( Import error of a python library - requests module )

https://forum.portswigger.net/thread/turbo-intruder-import-error-of-a-python-library-requests-module-6ae4fd21 My query got unanswered. Please can someone look into this ...

Last updated: Oct 05, 2023 04:57PM UTC | 4 Agent replies | 5 Community replies | Burp Extensions

Burpsuite extension for request per second statistics

Dear, Is there any burspuite extension to show actual requests statistics, per second? I mean, we configure number of threads, and delay between requests for a scan in burp. But how many requests are being sent to server in...

Last updated: Oct 05, 2023 12:59PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Page 5 of 49

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image