Burp Suite User Forum

Create new post

Dynamically create proxy autoconfig files

Gary | Last updated: Jun 06, 2018 04:26AM UTC

Love your product, been using it for over a decade. I just had an idea for a feature that I think would be really interesting and useful. You could dynamically create a proxy autoconfig file that would only proxy items that are listed in the Burp project scope. If Burp weren't running, this would have the effect of proxying nothing; if it were, it would proxy nothing until something was added to the scope, and then it would only proxy those specific items. This would dramatically clean up the mess in the target map, avoid picking up web pages from unrelated websites, and end the need to constantly turn proxies on and off when you're testing.

PortSwigger Agent | Last updated: Jun 06, 2018 07:02AM UTC

Hi Gary, Thanks for your message. It's an interesting idea. You can get a similar effect using an existing option. In Proxy > Options > Miscellaneous, enable "Don't send items to Proxy history or other Burp tools, if out of scope". Also, rather than turning proxies on and off, I recommend using two browsers - one for testing, and another for general browsing. You can potentially use multiple profiles of the same browser. For example, you can start a second instance of Chrome with a command line like: "...\chrome.exe" -proxy-server= -incognito -user-data-dir=C:\foo about:blank A worry with auto-generating a PAC file is that it might get cached and when a user updates their scope, this doesn't take effect. Again, thanks for the suggestion. Let me know how you get on with these workarounds.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.