Burp Suite User Forum

Python extension import package error

Hello, I've run into an application that AES encrypts the body of HTTP requests and responses, I am writing an extension to decrypt and encrypt the payloads. I am writing the extension in Python and I receive an error...

Last updated: Jul 15, 2019 01:41PM UTC | 2 Agent replies | 0 Community replies | Burp Extensions

Burp Extension + UpStream Proxy SLOWWWW

Hi all, I created a burp extension that decrypts AES traffic. The infrastructure I am testing is in such way that all requests' payloads are being encrypted with AES. In order to work around this, I am sending the...

Last updated: Jul 11, 2019 10:00PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Is it possible to retrieve the path of the currently open project?

I would like to retrieve the path of the currently open Burp Project to reference some resource on the filesystem relative to the project directory. I am unable to find a suitable API to do this in the documentation. Is...

Last updated: Jul 09, 2019 10:33AM UTC | 2 Agent replies | 1 Community replies | Burp Extensions

when I install a python extender(burpsmartbuster), it points out that "failed to load bapp"

I have already install jython.jar file(2.7,the file has been selected in options) and python(but i have two versions of python and both of them is system variables) the error messages is...

Last updated: Jul 08, 2019 01:25PM UTC | 6 Agent replies | 6 Community replies | Burp Extensions

Request interception

Hi there, I'm aware that if you register a IHttpListener you are able to intercept requests before they are sent out. Is it also possible to intercept a request prior to assigning it a tool, for example, the...

Last updated: Jul 05, 2019 01:58PM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Method to Pause/Unpause Scanner

Does the API include methods for an extension to pause and unpause the scanner? I have searched the Javadocs but didn't find any. My scenario is an extension that implements ISessionHandlingAction to re-login the user...

Last updated: Jul 01, 2019 11:24AM UTC | 3 Agent replies | 3 Community replies | Burp Extensions

Unable to edit the content headers

What is wrong in the below code ? I do not see the request getting edited as I don't find the 'Edited Request' tab at all: package burp; import java.io.PrintWriter; import java.util.List; public class BurpExtender...

Last updated: Jun 29, 2019 12:25AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Session dies while scanning

Guys, I have this very general problem. I did a search across the google, but did not find a proper solution. This is what I have done: I have created a session validation under Projects->Sessions Under that, I have a...

Last updated: Jun 27, 2019 01:30PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

System.exit() kills Burp

I'm building an extension that will call a Java command line program from within Burp (by calling the main() method). Unfortunately, when the command line tool finishes, it calls System.exit(0); which doesn't just kill the...

Last updated: Jun 26, 2019 10:38AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Burp Fails to add Jython.jar

I downloaded and installed Jython-2.7.0 following the link provided by Burp. I try to add this one to Burp and facing the error message: java.lang.ClassNotFoundException: burp.BurpExtender at...

Last updated: Jun 26, 2019 10:04AM UTC | 1 Agent replies | 1 Community replies | Burp Extensions

Output in the UI

This is my code: package burp; import java.io.PrintWriter; import java.util.List; public class BurpExtender implements IBurpExtender, IHttpListener, IProxyListener { // // implement IBurpExtender ...

Last updated: Jun 25, 2019 02:20PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Sending an unmodified and a modified HTTP request

I am trying to write an extension that when the user makes a request the extension will send two requests, an unmodified request so that the browser will load normally and one where a parameter is added at the end of the URL...

Last updated: Jun 25, 2019 10:33AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

BURP CI Driver

hi, i downloaded Burp CI driver that provides a command-line interface for use by any CI platform. but not able to execute any commands using the jar file also could not find any source in google. could any one suggest...

Last updated: Jun 13, 2019 02:24PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Scanning a site with basic authorization (Burp suite enterprise Rest API)

Hello. I want to scan sites where basic authorization is installed. What tokens can I use in building a curl request for basic authorization? curl -vgw "\n" -X POST 'http://burp.link.to.rest.api/v0.1/scan' -d '{ (???basic...

Last updated: Jun 03, 2019 02:55PM UTC | 3 Agent replies | 2 Community replies | Burp Extensions

ci integration with burp suite

Hi team, Our company recently bought professional burp suite. We need to integrate the burp suite and Jenkins. I want to know how the reports will be generated and send to us, as we don't have access to Jenkins. What...

Last updated: May 30, 2019 09:35AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

Issue in loading jython files to burp

hello, I am seeing errors when I try to load burp extensions jython format, below is the error I see: java.lang.Exception: Failed to load Python interpreter from Jython JAR file at burp.cs3.<init>(Unknown...

Last updated: May 13, 2019 11:01AM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

how to pass a file with URLS to SSLScanner

Hi fellow Burp suite users, I am using the SSL Scanner extension with Burp Suite and I wander if anyone has a script that can read a list of URLs from a file and then pass one item at a time to the SSL Scanner, run the...

Last updated: May 08, 2019 03:25PM UTC | 1 Agent replies | 0 Community replies | Burp Extensions

how to start burp with specific extension loaded?

Hi, I am doing burp automation test. I would like to know if there is a way to start burp with a specific extension loaded. I noticed that burp will start with the last configuration used. Is there a configuration file that...

Last updated: Mar 27, 2019 01:05PM UTC | 11 Agent replies | 12 Community replies | Burp Extensions

What class/parameter makes the extensions be part of the scanner "Follow redirection when necessary"

Hi guys, I have an extension here and I am looking for a reflective value, although when I look at flow or logger++ the 302 is hit but never followed after the POST. Is there a special trick to have the extension...

Last updated: Mar 20, 2019 01:53PM UTC | 2 Agent replies | 3 Community replies | Burp Extensions

Auditing not calling doActiveScan(...) method via Extensibility API

Hi folks, I am currently trying to learn the Burp Extensibility API using this example (in Java); https://github.com/PortSwigger/example-scanner-checks and getting stuck with something. With latest Beta version of...

Last updated: Mar 15, 2019 03:28PM UTC | 4 Agent replies | 4 Community replies | Burp Extensions

Page 5 of 19

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image