The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

New functionality - More information about responses

Andrej | Last updated: Sep 17, 2018 12:57PM UTC

Hi, I was thinking about a new functionality, which I believe may be very helpful during manual testing:) It would be using a library of pre-defined regular expressions and custom messages/colorings. If the response satisfies some regexp, it would be passively shown to the user in {Proxy, Repeater, Intruder}. There are many errors in the environment I work on, and sometimes it can be hard to notice it. There are different errors for API stuff that won't work, when different services are down, when outdated cookies are used, ... If the tester would pre-define the list, to passively notify if everything is ok/there is some error, it would help, especially with HTML responses which are very large, containing 200kB+ of HTML code. So far, we use Logger++ for that with a large library of different codes, but one needs to switch back and worth to see the results. It would be perfect to integrate the information in the tools like {Proxy, Repeater, Intruder} so that context switching is not needed. Thanks, Andrej

PortSwigger Agent | Last updated: Sep 17, 2018 01:17PM UTC

Some functionality pretty similar to this is available in the Error Message Checks extension in the BApp Store. When it finds things, it creates Scanner issues, which avoids you switching to and from Logger++ In the future we may make this a core feature.

Burp User | Last updated: Sep 21, 2018 08:53AM UTC