Burp Suite User Forum

Login to post

"Include relevant extract" in XML Report

Ermak | Last updated: Mar 23, 2016 10:30PM UTC

Hello, as already requested by other users two years ago (http://forum.portswigger.net/thread/1088/populate-enable-include-relevant-extract) I think it would be very useful to add the "include relevant extract" option also for XML report. There is no need to maintain the highlighted text, just avoid kb of response. The maximum length option limit is just useless because you can't know where the relevant extract is. For example, when we parse the XML file to generate an Excel or a PDF report for the customer, the response should contain just the evidence of vulnerability. At this time we have to copy and paste the response manually from Burp Target details, or parse the HTML file, both solutions are not optimal and time consuming. Thank you

PortSwigger Agent | Last updated: Mar 24, 2016 12:22PM UTC

We've noted this feature request and have it captured in our backlog. We'll update this thread when the feature is available.

Tim | Last updated: Apr 09, 2021 04:37PM UTC

I'll add my +1 to Ermak here, as I have run into this exact problem. When there are many findings for an engagement, combined with long requests and responses, imported Burp XML that has the details cause a fairly massive amount of busy-work to manually truncate all the irrelevant noise. Of course, part of the pain is that our reporting process uses MS Word as an intermediate, and it is ghastly at dealing with 1000+ page documents. The point is though, Burp has this information already, and could simply export using the same logic used for the HTML export. Also... it's five years now since Ermak's post above, and apparently seven since the previous most mentioned that is no longer online.

Uthman, PortSwigger Agent | Last updated: Apr 12, 2021 08:34AM UTC

Hi Tim, Thanks a lot for your feedback. We have registered your interest in this feature and will update this thread when it has been implemented.

You need to Log in to post a reply. Or register here, for free.