Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Scan for ONLY burp suite plugin (custom insertion point)

Russell | Last updated: Nov 10, 2016 10:24AM UTC

I'd like to be able to launch only my plugin during a scan. I think the scanner tab should perhaps have the option of enable/disabling a plugin in addition to the other [x] enable/disable buttons. Lets say I only want to do some custom injection test based on something I've seen in an app - I'd want to blast that string all over the place but don't care about anything else. Is this the default behavior if I disable all the other checks? Is there any way to only do my custom insertion checks across an entire app (don't want to load hundreds of pages by hand into the intruder to mangle with). .... If not - perhaps it would be nice to be able to launch burp with some cmd-line parms to only use a certain plugin against a host, save and exit? Do you think one of these methods might be incorporated into burp ?

PortSwigger Agent | Last updated: Nov 10, 2016 03:47PM UTC

If you want to only carry out scan checks that your extension provides, then you can turn off all other scan checks in the UI. If you want to only scan insertion points that your extension provides, then you can turn off all other insertion points in the UI. If you do both, then Burp will just use your scan check and your insertion point.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.