Burp Extensions

Make a new post

  • Extender API broken link

    Hi, the extender page (https://portswigger.net/burp/extender/) has a link to a 2012 post titled "Writing your first Burp Suite extension" at http://blog.portswigger.net/2012/12/writing-your-first-burp-extension.html which has a link with the text "Download the Burp Extender interface files" but that points to https://portswigger.net/burp/extender/api/burp_extender_api.zip whic...

    1 Agent Answer    0 Community Answer
    Oct 20, 2015 08:03AM UTC
  • Intruder view original payload in the results

    Hello! How can i do to view original payload in the results table intruder, before Processing payload rules. I try to do this: [code="python"] def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): if not messageIsRequest and self._callbacks.TOOL_INTRUDER == toolFlag: messageInfo.setComment("original payload") [/code] But comment ...

    2 Agent Answers    2 Community Answers
    Oct 02, 2015 01:22PM UTC
  • makeHttpRequest is very slow

    Hi all, I'm writing an extension that aims at sending many requests from multiple sessions of different users. Currently, I'm using callbacks.makeHttpRequest(...) to send requests but that method takes a very long time to finish. My server is local and pretty fast, so communication does't take that much of time. Is there any faster way to replace that method? I'm thinki...

    3 Agent Answers    3 Community Answers
    Sep 15, 2015 02:03PM UTC
  • JUnit test with Burp Extensions

    Hi, I'm developing a Burp Extension and want to add some testing. Is there a way to create IHttpRequestResponse objects manual? Or retrieve callbacks during a JUnit test, without starting Burp. I do not really know what to do. Thanks for your help!

    1 Agent Answer    0 Community Answer
    Sep 14, 2015 03:48PM UTC
  • IScannerCheck -- Consolidate Duplicate issues method

    My question is about the consolidateDuplicateIssues Method. Currently I am writing an extension that passively scans for certain strings in requests. The problem is that there are multiple requests for each site, and the same string in each of the requests. This results in a great deal of duplicate issues, which is the exact problem that the method to , well, consolidate issues is supposed to cor...

    2 Agent Answers    2 Community Answers
    Sep 14, 2015 03:14PM UTC
  • Highlight a tab

    Is it possible to highlight an extension tab? When you do "Send to repeater" the repeater tab is highlighted. I'm working on a reporting extension, and I've added "Send to report" to the context menu. I'd like it to highlight the report tab. Many thanks! Paul

    1 Agent Answer    1 Community Answer
    Sep 14, 2015 12:57PM UTC
  • How do I Set a Token in URL Directory.

    Hi, I want to set a token in URL Directory. And, I use macro. so I want to custmize Macro (on Intruder). Test Site has a Token in URL directory, don't have a url parameter. (Exp. http://xxxxxxxx/test/123456token/) How do I set a Token in URL Directory? I made extender using ISessionHandlingAction. But, I can not custmize macro & intruder...

    1 Agent Answer    0 Community Answer
    Sep 10, 2015 03:00AM UTC
  • Portable Burp Suite: Windows Auto Start Script

    This script will automatically run the latest burp Jar and set java home path for portable installs :) @echo off echo this includes: echo portable java 8 64bit echo python support in burp echo CO2 and Logger++ echo rmccurdy.com echo cleaning config rem regedit /s INIT_WIPE_CONFIG.reg echo importing config rem regedit /s INIT_BASE_CONFIG.reg echo importing licence file r...

    0 Community Answer
    Sep 04, 2015 07:17PM UTC
  • How to change proxy by an extension when using intruder

    Hello there. I posted a question( http://forum.portswigger.net/thread/1646/change-upstream-proxy-extension ) on forum not long ago, and developer gave me a rather primitive but direct recommendation. Actually, I toke another way to change the proxy on extension( https://github.com/retanoj/BurpMultiProxy ), like "Traffic rediector example", redirect request HttpService (protocol, host, ...

    2 Agent Answers    2 Community Answers
    Sep 03, 2015 06:34AM UTC
  • Adding GetSiteMap() to Carbonator

    I'm attempting to add to the carbonator extension a method for extracting the sitemap URLs into a text file. The code I have written so far is below, and the output I get is 'array(burp.IHttpRequestResponse)'. I know I need to call the IHttpRequestResponse interface somehow to tap into the array. I import it from burp at the beginning of the code, but when I add that call to the Bur...

    2 Agent Answers    3 Community Answers
    Aug 31, 2015 03:53PM UTC