Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Get the type of check being performed by the scanner using a BurpExtender script

Doar | Last updated: Jun 26, 2018 11:45AM UTC

Hi, When implementing a BurpExtender script, and specifically a http listener, I know i can check if the Scanner generated the http message like so: def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): assert self._callbacks.getToolName(toolFlag) == 'Scanner' My question is: is there a way to get the *specific check* being performed by the Scanner which generated this http message? Thanks!

PortSwigger Agent | Last updated: Jun 26, 2018 12:42PM UTC

Hi Doar, Thanks for getting in touch. Unfortunately, there's no way to get that information with the current API. In the future we do plan to redesign the API. We're thinking about replacing the toolFlag parameter with a requestContext object that would contain more information - and potentially including the current scan check. However, this is likely to be some time away. In the meantime, can I ask what you wanted to do? There may be a workaround we can suggest.

Burp User | Last updated: Jun 26, 2018 01:38PM UTC

I see. I'm trying to categorize traffic according to the type of check the Scanner is currently performing. Of course there's always the manual option of clicking just one type of check in the scanner and running it, but that's very time consuming. If you can think of a workaround i would love to hear it. Cheers.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.