Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp Scanner Unique Param Validation

Ryan | Last updated: Mar 01, 2018 12:02PM UTC

How do you deal with forms that require a unique param value in Burp Scanner? For example, registration forms require a unique email address to pass validation. Burp submits the form, fuzzing 1 param at a time. The same email address will be submitted over and over, until the email address param is fuzzed. Leaving all other params untested. How to make the email address unique with every Scanner request? (for example, by adding a "+1" to the end of the email address username and incrementing the integer)

Burp User | Last updated: Mar 01, 2018 01:14PM UTC

Solution: https://twitter.com/Burp_Suite/status/969198377362644992

Burp User | Last updated: Mar 01, 2018 07:37PM UTC

My request randomizer extension solves this problem. It is available in the BApp Store: https://portswigger.net/bappstore/36d6d7e35dac489b976c2f120ce34ae2 Or if you want to modify, it is open source: https://github.com/thomaspatzke/Burp-Randomizer

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.