Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

 New Post View All

Feature Requests

 New Post View All

Burp Extensions

 New Post View All

Bug Reports

 New Post View All
Support Home
Getting Started

Getting Started with Burp Suite

Getting Started Home
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Burp Suite Professional and Community editions Burp Suite Enterprise Edition
Burp Scanner Burp Collaborator
Burp Infiltrator Full Documentation Contents
Documentation Home
Knowledge Base
Training

Burp Suite Training

Troubleshooting
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility
Burp Extender Home
BApp Store
Release Notes
Support Center Burp Extensions

Burp Extensions

Make a new post

  • Outdated extensions and open pull requests

    Hello, some extensions (like "Add Custom Header") don't have their latest version available in the BAppStore, and that lasts for a few months (and I hate having to maintain private versions) First, I wonder how the process used to update existing extensions works. AFAIK, it isn't explicitly documented. In a previous ticket, I was told that it "is the responsibility o...

    2 Agent Answers    1 Community Answer
    Jan 15, 2020 06:28PM UTC
  • Failed to update Bapp List

    Hi, My burp store list fails to be updated. I am using my employer's proxy settings and it may create some conflicts OR block some traffic. Do you have any work around this problem? Do you know how I can investigate and identify more precisely the issue? Thank you.

    2 Agent Answers    1 Community Answer
    Jan 09, 2020 08:40AM UTC
  • Get All URLs from a Website

    Hello, I am currently writing a burp Extension. I need to get all URLs from the Website before the active Scan. How can I do this? Thanks

    1 Agent Answer    1 Community Answer
    Dec 21, 2019 11:47AM UTC
  • Pause scanner from extension

    Is there any API to pause the scanner from an extension? For example, let's say you are scanning an API with a rate limiter, and your extension can detect that you are getting close to the limit, can it pause the scanner to avoid being blocked?

    2 Agent Answers    1 Community Answer
    Dec 18, 2019 07:37AM UTC
  • Extension load error code

    os win 7 java.lang.ExceptionInInitializerError at org.python.util.PythonInterpreter.<init>(PythonInterpreter.java:100) at org.python.util.PythonInterpreter.<init>(PythonInterpreter.java:94) at org.python.util.PythonInterpreter.<init>(PythonInterpreter.java:71) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructor...

    2 Agent Answers    2 Community Answers
    Nov 27, 2019 09:12AM UTC
  • Extensions are not loading with Burp defaults

    Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions are getting uninstalled except Active Scan++ and Auth Matrix. I need to reinstall other extensions each time when I open existing or creating new projects. In the case of Aut...

    3 Agent Answers    2 Community Answers
    Nov 25, 2019 05:56AM UTC
  • XML tab "Reparse" Programmatically

    Hi, I would like to know how the "Reparse" button in the request/response "XML" tab reformats XML documents programmatically via Java. Specifically, I am wondering what library(s) are used for this. I am asking for the purpose of incorporating it into current and future Burp Extensions that handle XML documents. While manually reparsing documents in the XML tab is acceptable...

    2 Agent Answers    2 Community Answers
    Nov 24, 2019 08:09PM UTC
  • Burp Extension for Intruder Payload with multiple payload lists

    Hi, I am working on creating a extension for burp suite where a user can choose from a list of payload lists [one list for angular payloads, one list for react payload] according to the framework of the application he is testing. But I am only able to create one payload list per extension using this code https://github.com/PortSwigger/example-intruder-payloads Can you please let me know i...

    1 Agent Answer    0 Community Answer
    Nov 11, 2019 06:11AM UTC
  • Scan Configuration

    I am building an extension that calls doActiveScan and doPassiveScan. Is there a way to specify the scanner configuration. Currently tasks are created and there is a default scanner configuration used named Current auditing configuration. Is there a way to specify the configuration to be used by the scanner. I have tried exporting a scanner configuration and calling loadConfigFromJson but every ti...

    2 Agent Answers    1 Community Answer
    Oct 18, 2019 01:59PM UTC
  • Send to decoder programmaticaly from extensions

    There are methods in IBurpExtenderCallbacks for sending data to - repeater, - intruder, - comparer, and - spider. Why isn't there one for decoder? When writing a custom message editor with a custom editor widget, it'd be better to be able to offer sending a selected chunk to the built-in decoder instead of reimplementing it, poorly. Just like there's already void sendTo...

    2 Agent Answers    2 Community Answers
    Oct 18, 2019 09:32AM UTC
Burp Suite Web vulnerability scanner Burp Suite editions Release notes
Vulnerabilities Cross-site scripting (XSS) SQL injection OS command injection File path traversal
Customers Organizations Testers Developers
Company About us Careers Contact Legal Privacy notice
Insights Web Security Academy Blog The Daily Swig
Follow us

© 2018 PortSwigger Ltd.