Burp Suite User Forum

Use cookies switch in Repeater

Andrej | Last updated: Jan 07, 2019 09:42AM UTC

Hi, Many times, I need to test authenticated and unauthenticated stuff manually in Repeater. I know that I can go to settings and check the checkbox to use cookies/session management rules for Repeater, but that is pretty long. Would it be possible to have a switch button in the main repeater UI to "Use cookies/session management" or "Not use cookies/session management"? That way, for unauth tests I would remove cookies from the request, put switch on "don't" and then switch authenticated part for "Do use" switch, after which cookies would normally be applied as usual? I think it would be a huge benefit for manual testing:)

PortSwigger Agent | Last updated: Jan 07, 2019 02:01PM UTC

This is something that can be done quite easily using the extender API. In fact, I have coded you an extension to do exactly that: - https://github.com/pajswigger/repeater-cookie-switch I hope this does what you need. Let me know if you need a tweak to this (or submit a pull request!)

You need to Log in to post a reply. Or register here, for free.