Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

disable Payload encoding and auto load payloads through API

ragu Feb 03, 2015 08:25AM UTC

It would be nice if the payloads get automatically loaded from custom file when invoking sendToIntruder method and API method to disable URL encode these characters through API. Thereby launching the attack through API


Dafydd Stuttard Feb 03, 2015 09:09AM UTC Support Center agent

It’s in our roadmap to provide an API to allow extensions to configure the details of Intruder attacks and launch them programmatically. We can’t currently provide an ETA for this feature, sorry.

If you want to repeat an attack numerous times using the same payload list on a different base request template, you can use the Option at Intruder menu / New tab behavior / Copy configuration from first tab, and then configure your payloads and other settings once in the first tab. They will be copied to each newly created tab.


ragu Feb 03, 2015 10:15AM UTC
Thank you ! I am getting the payloads by copy configuration from first tab but I disabled the URL encoding in the first tab and its not getting disabled in the new tabs. can u please help me sorting it out this

Dafydd Stuttard Feb 03, 2015 01:33PM UTC Support Center agent

In our testing, the option to URL-encode payloads is being copied from the first tab to a newly created tab, if you have enabled the “Copy configuration from first tab” option.


KibodWapon Apr 25, 2016 02:46AM UTC
Your answer saved my life ,while i used to use url-decode payload processor to handle this issue。
My question is that simple list paylad tab cannot paste unicode words like Chinese '毛泽东',it woud be nice if add a unicode url encoding functionality to %e6%af%9b%e6%b3%bd%e4%b8%9c。you can refer http://tool.chinaz.com/tools/urlencode.aspx,thanks ,burp suite is the greatest http fuzz tools !

KibodWapon Apr 25, 2016 03:05AM UTC
I got a hack method ,URL-encode these charactoers,but it still can not dispayl properly。

Post Your public answer

Your name
Your email address
Answer