Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

burp create custom msg editor like repeator

luffy | Last updated: Aug 30, 2023 09:46AM UTC

Hello,I want create http request/response dialog by callbacks.createMessageEditor, But I not found "send " button in dialog like repeator tab, How solved it?

Michelle, PortSwigger Agent | Last updated: Aug 30, 2023 01:20PM UTC

Hi There isn't a specific method to create a send button. Can you tell us more about what you want to achieve in your extension?

luffy | Last updated: Aug 31, 2023 01:00AM UTC

I want to listen to every request,Discovering sensitive information,Attempting to IDOR, Don't switch frequently Tab

Michelle, PortSwigger Agent | Last updated: Aug 31, 2023 08:41AM UTC

Hi Can you expand a bit more on your use case and your workflow? When you browse around a site using Burp's embedded browser, you can monitor the requests and responses in Burp's Proxy History tab. The default live scan task will also show the results of any passive scan checks. There may also be existing BApps that might help you achieve some of your goals, such as Sensitive Discoverer: https://portswigger.net/bappstore/81e073a640964b2ea3af0da93d048dbd

luffy | Last updated: Sep 01, 2023 05:54AM UTC

normal workflow: 1. browser web site,Proxy history will has many request 2. go to Proxy history tab 3. found sensitive request send to repeater tab 4. fuzz... in repeater tab 5. 2,3,4 again... 6. found vul I want workflow: 1. browser web site 2. pop dialog like repeater according to the rules 3. fuzz

Michelle, PortSwigger Agent | Last updated: Sep 01, 2023 07:22AM UTC

Hi How are you identifying the sensitive requests? Would applying a filter to the Proxy History the list help?

luffy | Last updated: Sep 05, 2023 03:32AM UTC

Oh, That is my question, I will crate yaml include regex rule.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.