Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Grep all responses for a specific string

Alex | Last updated: Jan 15, 2018 08:14AM UTC

Hey, During my testing I usually enter some predefined strings into all possible fields. Lets say all my data looks like "AAAA-something" strings. Not always it is reflected immediately to the ouput. Is it possible to passively scan all server responses and grep them all for my specific strings ? I know this is possible in Intruder. But I need it as a passive scan feature while browsing.

PortSwigger Agent | Last updated: Jan 15, 2018 08:21AM UTC

Hi Alex, One way to do this is using the Search feature (Burp menu > Search). You can set this to Dynamic Update so new matches are immediately listed. Another approach is to use the Error Message Checks extension which is available in the BApp Store. Please let us know if you need any further assistance.

Burp User | Last updated: Jan 15, 2018 08:43AM UTC

Hi Paul, Thanks for the super fast reply! Both options fit my needs. Thanks for help! I knew there should be extension for this. But never tried to search for "Error extension" since that name looks a bit obscure and unrelated. That functionality could be a part of Burp Suite in the future releases. I believe many people will appreciate such feature of Proxy component.

Burp User | Last updated: Nov 27, 2018 05:46PM UTC

I came here looking for the same answer, +1 on functionality in a future release!

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.