Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

How to set active scanner insertion points

vino Aug 09, 2019 05:32PM UTC

I'm trying to set custom insertion points for the header,query param and body parameters.
Currently I'm using active scan method by passing manually caluculated offsetlist.
LegacyBurpExtender.getInstance().getCallbacks().doActiveScan(host,80, false, buildRequest,offSetList);

Is there any method to registerinsertion point in the payload and submit active scan?


Rose Krawczuk Aug 12, 2019 10:08AM UTC Support Center agent

We have a bit of a backlog in terms of Extensions issues. Please accept our apologies, we’ll get back to you as soon as we can.


Ben Wright Oct 15, 2019 10:43AM UTC Support Center agent

Hi Vino,

Apologies for the length of time it has taken for us to get back to you.

Firstly, can you confirm the version of Burp Suite that you are trying to extend?

In the latest version of the extension API, you can register an IScannerInsertionPointProvider which will automatically be invoked when Burp Scanner is auditing a request. Your implementation of IScannerInsertionPointProvider.getInsertionPoints() will determine what insertion points are generated for that specific request.

The following link provides information regarding the latest extension API documentation:

https://portswigger.net/burp/extender/api/

Please let us know if you need any further assistance.


Post Your public answer

Your name
Your email address
Answer