Getting Started with Burp Suite
Burp Suite Documentation
Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.
| Burp Suite Professional and Community editions | Burp Suite Enterprise Edition |
| Burp Scanner | Burp Collaborator |
| Burp Infiltrator | Full Documentation Contents |
Burp Extender
Burp Extender lets you extend the functionality of Burp Suite in numerous ways.
Extensions can be written in Java, Python or Ruby.
| API documentation | Writing your first Burp Suite extension |
| Sample extensions | View community discussions about Extensibility |
header injection using burp intruder is not working as expected
Hi, I noticed one problem while trying to do automatic header injection using intruder.
i created emty placemarker in positions tab because I want to incert new header from the list of headers I have That is not a problem, how ever the problem is that the ":" gets replaced with "%3a%" for what ever reason.
The question is it normal to be that way or is it a bug? because it meens that i can't automate the process for injecting extra headers.
instead geting the original value from the list of payloads: Accept: text/plain
I am geting the folowing: Accept%3a%20text%2fplain
I am wondering then how cum original headers are not effected if they are in saime format???
thanks for your answers and suggestions in advanced.
i am running the free edition and it is a latest version as of post date.
Hi, In the Intruder > Payloads tab, at the bottom you should see a section labeled ‘Payload Encoding’. This section allows you to define certain characters that will be URL-encoded when processed by Intruder.
The ‘:’ character that you have referenced is configured by default to be encoded. If you remove it from the list/disable this feature, you should no longer encounter this change happening during the attack phase.