Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Intercept non HTTP protocols

Mathias Jan 27, 2015 10:07AM UTC

An ability to intercept non-HTTP protocols (perhaps an API feature to let users code extensions for relevant protocols). A situation arrived at work involving SIP. Getting the traffic to pass through Burp was easy, but without an ability to intercept INVITE (and so forth) it lead to creating custom tools instead.

Simon May 18, 2015 09:41AM UTC
As pentester i'm often coming into the situation to intercept non HTTP traffic. Using SSLSplit or mitm-Proxy it is easily possible to sniff ssl secured data, but making changes is not possible, AFAIK.
Therefore I would appreciate if I could use my prefered tool Burp for these situations too.

John Pentester Aug 04, 2015 07:48PM UTC
yes PLEASE BURP, start supporting other application layer protocols like SIP, XMPP, IMAP !!! it would make Burp the ultimate go to proxy tool !!!
you're limiting this tool to HTTP type traffic only, web is evolving !! and so are the services provided we need support for other app level protocols !!

Dafydd Stuttard Aug 10, 2015 10:34AM UTC Support Center agent

Sorry folks, we have no current plans to support non-HTTP-based protocols in Burp.

Josh Summitt Aug 12, 2016 07:03PM UTC
I have a solution on my github site. Gave a talk in the BlackHat Arsenal this year about this new extension.

Jrm Jan 12, 2017 12:19PM UTC
There is also that:

It does not require any third party extensions. It works by wrapping TCP and UDP packets into HTTP Requests and forwarding to Burp. It does all the SSL / STARTLS stuff, so there is no need for funky configs into Burp.

Shuki Aug 21, 2018 10:09AM UTC
Burp Folks!
The TCP proxy interception is a must feature... Please consider again.
There are a lot of applications based on TCP.


Post Your public answer

Your name
Your email address