Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Burp Extensions

Make a new post

  • Cannot import burp Extentions from python file

    I'am trying to import IBurpExtender into my extention but I cant seem to import any of the API. I keep getting an import error. I cant figure out what is wrong. Traceback (most recent call last): File "/opt/......./", line 4, in <module> from burp import IBurpExtender File "/opt/......../", line 4, in <module> from burp import I...

    4 Agent Answers    4 Community Answers
    May 02, 2017 08:55PM UTC
  • Using IBurpExtenderCallbacks.makeHttpRequest at Background

    I am trying to send 10 new requests after all requests generated by proxy. For that, I am handling requests in processHttpMessage method and sending requests with IBurpExtenderCallbacks.makeHttpRequest. It works but the problem is that you wait until those 10 requests made to see response of proxy and it takes time. I want those requests are sent at background while i am using burp proxy simult...

    1 Agent Answer    1 Community Answer
    Apr 29, 2017 10:19PM UTC
  • Custom Hotkey for Burp Extension

    Dear Portswigger Team, Is it possible to register a hot key for an action provided by an extension? My use case is the following: I have created a new behaviour for "Send to Intruder" (default ctrl+i) and for this purpose added a new context menu item. Ideally, this menu action could be invoked by a custom hot key, e.g., ctrl+shift+i. Cheers, Franz

    1 Agent Answer    0 Community Answer
    Apr 23, 2017 03:46PM UTC
  • IMessageEditor get selected Offset (similar to textEditor)

    Hi Team I'm using an IMessageEditor object to create a combination of repeater and intruder. However, the function i am missing for IMessageEditor is the getSelectionBounds() (which exists for ITextEditor . What would be a good way to achieve this?

    3 Agent Answers    2 Community Answers
    Apr 17, 2017 05:04PM UTC
  • Control of the Intruder Engine

    Does the present version of burp suite provides any API to control the Intruder engine that means using custom scheduler and firing each packets. Every thing we found till now is to custom payload.

    1 Agent Answer    0 Community Answer
    Apr 12, 2017 02:18PM UTC
  • SAX2 driver class org.apache.xercer.parses.SAXParser not found

    Hello friends I'm trying to parse XML from requests in my plugin but every time this error occours: java.lang.ClassNotFoundException: org.apache.xerces.parsers.SAXParser at org.xml.sax.helpers.XMLReaderFactory.loadClass( at org.xml.sax.helpers.XMLReaderFactory.createXMLReader( at sun.reflect.NativeMethodAccessorImpl.invoke0...

    3 Agent Answers    2 Community Answers
    Apr 11, 2017 07:56PM UTC
  • Issue Deserializing AMF messages with burpsuite

    I am unable to deserialize AMF messages in response only. I am using the current version of Burpsuite. I have used both the builtin in AMF analyze and display option and the AMFDSer extension. They were only able to deserialize the request sent from the client. I have used both of them together and individually, and tried to use them with previous versions of burp too. None of that worked. Can any...

    0 Community Answer
    Apr 11, 2017 06:34PM UTC
  • Intercept Burp's requests and set authenticated upstream proxy.

    Hi, I want create an extension that will intercept and proxy Burp's requests. I noticed I can implement IHttpListener and override processHttpMessage() and set a new IHttpService for each request. The problem is that I need to set basic auth to the proxy but I can not pass that information to buildHttpService(String host, int port, String protocol); Any ideas? Thanks

    1 Agent Answer    0 Community Answer
    Apr 09, 2017 02:43PM UTC
  • Dynamically Applying Highlight Markers

    Hi, Currently I am working on an extension to dynamically apply markers (user defined) to highlight certain specific areas within requests and responses. This works well if I have an "issue" with only one request-response combo. When encountering issues with multiple requests-responses, I therein stumble upon an error message which reveals that overlapping string indexes, marked f...

    2 Agent Answers    2 Community Answers
    Apr 06, 2017 08:27PM UTC
  • Possible Classpath Issues when using beansbinding (JSR 295)

    Hi everyone I am currently trying to finalize my Burp Suite extension. To bind POJOs to the View (two-way binding) I am using beansbinding respectively betterbeansbinding (JSR 295). When I start my extension via NetBeans or load the extension via classpath (Legacy Java) everything works fine. When I load it via the Burp Suite Extender the two-way binding does not work anymore. I would really l...

    1 Agent Answer    1 Community Answer
    Mar 24, 2017 10:14AM UTC