Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

How do I configure BURP to ignore method OPTIONS on scope?

Cristiano Galdino Mar 16, 2018 03:01PM UTC

Hello there,

How do I configure BURP to ignore method OPTIONS on scope?
This is very annoying.

Tks!


Paul Johnston Mar 16, 2018 03:27PM UTC Support Center agent

Hi Cristiano,

The scope doesn’t let you filter by HTTP method, but there is an extension which helps unclutter your proxy history here:

- https://github.com/pajswigger/filter-options

Cristiano Galdino Apr 18, 2018 03:08PM UTC
Okay, but this does not help me.

My real problem is the Active Scanner is looking at the OPTIONS and not the POST/GET/PUT...

Tks.

Paul Johnston Apr 19, 2018 10:10AM UTC Support Center agent

Hi Cristiano,

If you use the extension I linked, setup your scope, then select everything in Proxy History, right-click and choose “Actively scan selected items” – you should be able to start a scan that includes POST/GET/PUT and does not include OPTIONS.

I agree this is an area where the UI could be improved. Let me know how you get on.


Cristiano Galdino Jul 03, 2018 10:52PM UTC
Hello, sorry for the delay.

I activated the extension but I do not see the option.

Did I do something wrong?


Extension loaded:
http://oi67.tinypic.com/2hyv6n8.jpg

Filter proxy:
http://oi64.tinypic.com/15g76sm.jpg

Best regards,

Paul Johnston Jul 04, 2018 08:53AM UTC Support Center agent

Hi Christiano,

The settings you’ve shown should work. The Filter OPTIONS extension rewrites the response to have mime-type application/octet-stream. So because you have “Other binary” not ticket in the filter, the OPTIONS requests should not appear in your history.

Please let us know if you need any further assistance.


Post Your public answer

Your name
Your email address
Answer