Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Execute code when active scanner starts (only once per scan)

Bajii0 | Last updated: Jul 10, 2023 08:39AM UTC

Hello, I would like to know if a method existed to do this. I want to execute my own script with burp scanner, but my script are crafting their own requests and stuff. So I only need my script to be executed once, like it was a test like another to run. I could implement a 'state' in my doActiveScan, but I wanted to know if there were anything that would be already implemented for this case. Thanks a lot !

Hannah, PortSwigger Agent | Last updated: Jul 10, 2023 03:35PM UTC

Hi There isn't any native way to do this with your code. You would need to keep track of this behavior yourself. You can run a BCheck at a Host level. This will only run the check once per host. You could implement similar behavior to this in your extension. An existing extension (J2EE Scanner) has similar functionality that it has achieved through annotations in Java. You can find the source code for this here: https://github.com/PortSwigger/j2ee-scan/tree/master/src/main/java/burp/j2ee/annotation It looks like you may be using the Extender API. Whilst this is still available for use, we'd recommend taking a look at the Montoya API. This is much easier to use and has additional functionality compared to the old Extender API.

Bajii0 | Last updated: Jul 11, 2023 07:39AM UTC

I'll check thanks. I can't find a good and complete tutorial for Montoya API since every tutorials are a bit old. Do you know any ? (the burp official tutorial does not go far enough for me).

Hannah, PortSwigger Agent | Last updated: Jul 11, 2023 09:46AM UTC