Burp Suite User Forum

Login to post

Custom Burp Collaborator Responses

J | Last updated: Dec 15, 2022 08:27PM UTC

It would be cool if there was an "intercept" feature for burp collaborator RESPONSES. Basically when a request comes into the collaborator, it could give an interface similar to the proxy intercept interface that allows you to modify the default response generated by the collaborator server. Then the server would just send along whatever response the user entered. It would additionally be nice to be able to select which types of requests the user wants to be intercepted (and allowed to modify before sending) similar to how the proxy intercept feature allows you to only intercept certain requests. In fact, using the exact same filters as the proxy intercept for HTTP type, but just adding some options for filtering based on "type" as well would be good.

J | Last updated: Dec 15, 2022 08:29PM UTC

This would allow for more advanced OOB testing scenarios without having to spin up a separate server. All of the infrastructure is already present with burp collaborator, just needs to allow easy configuration. Also, I could see how it might be an issue to do this on the shared burp collaborator server provided by PortSwigger (though it still seems technically feasible)... but if so, it could still be implemented as a "self-hosted burp collab" feature" only.

Michelle, PortSwigger Agent | Last updated: Dec 16, 2022 01:47PM UTC

Thanks for getting in touch. It's always good to hear new ideas. I've been having a chat with the team, and I'm afraid this would actually be a fairly major change to the Collaborator server. Would the ability to create templates for a private collaborator server to use as a base for responses help you achieve some of the things you need? Or does your scenario involve customizing individual responses each time?

You need to Log in to post a reply. Or register here, for free.