Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Burp Extensions

Make a new post

  • Access command line through Burp extension

    As per the subject, I was wondering if it is possible to access the command line (either windows or linux) through a Burp extension.

    1 Agent Answer    0 Community Answer
    Jan 08, 2019 09:02PM UTC
  • คุณได้ชำระเงินจำนวน $399.00 USD ให้ PortSwigger Ltd (mail@portswigger.net)

    08 ม.ค. 2019 01:09:36 GMT+07:00 ID การทำรายการ: 9FC40466TM976523J สวัสดีค่ะ คุณ ayut intasut คุณได้ชำระเงินจำนวน $399.00 USD ให้ PortSwigger Ltd (mail@portswigger.net) คุณอาจต้องรอสักครู่เพื่อให้การทำรายการนี้ปรากฏขึ้นในบัญชีของคุณ ผู้ค้า PortSwigger Ltd mail@portswigger.net คำแนะนำถึงผู้ค้า คุณไม่ได้ป้อนคำแนะนำใดๆ รายละเอียด: ราคาต่อหน่วย ปริมาณ จำนวนเงิน Burp S...

    1 Agent Answer    0 Community Answer
    Jan 08, 2019 06:29AM UTC
  • Burp Enterprise Edition/Pro Edition can be integrated with Microsoft Team Foundation Server 2017?

    Hi Burp Team, Currently we are evaluating the trial version of Burp Enterprise edition tool for security testing in our organization. The requirement is to integrate Burp Enterprise Edition/Pro Edition with Microsoft Team Foundation Server 2017 (TFS) for CI/CD implementation. Few queries around this area 1) Is it possible to implement CI/CD with TFS & Burp 2) If it's possible what a...

    1 Agent Answer    0 Community Answer
    Jan 03, 2019 10:34AM UTC
  • Highlighting in IMessageEditor

    Hello, I am trying to create an extension in which you can highlight single or multiple lines of text in the request or response tabs. I am having an issue when you add a “Graphic” to the IMessageEditor text area that it disappears when it is either selected or you highlight a new line of text. Highlight Method: /* * Graphics g: Takes components graphics object. * IMessageEditor req: Requ...

    1 Agent Answer    0 Community Answer
    Jan 02, 2019 04:33PM UTC
  • WebSocket API

    I'm dealing more and more with websockets: is there _any_ way to modify requests on the fly? I'm not afraid of writing a custom extension or fiddle with scripting my own tools. FWIW, if you provide some guidance, I could create a free extension and publish it.

    2 Agent Answers    3 Community Answers
    Dec 20, 2018 09:05AM UTC
  • Get local path of burp file via API

    I'm looking to be able to save information to the same directory as my Burp project file through a Burp Extension. I organize my project files in folders with respect to the applications I'm testing. There is the getCommandLineArguments method from callbacks, however I don't run Burp through the command line. I'd be fine doing this, but I'm not sure if I can load a...

    2 Agent Answers    2 Community Answers
    Dec 10, 2018 03:41PM UTC
  • Custom payload processor / generator

    My intruder scenario is brute forcing uids that are calculated based date. Current intruder has date payload, that is superb for the job. Now i would like to process these dates with my custom extension that formes uid from date. However there is one to many relationship here - one date generates up to 999 different uids. How can i return multiple processed payloads from my extension processPay...

    1 Agent Answer    0 Community Answer
    Nov 21, 2018 04:48PM UTC
  • Issues with burp scanner

    For one of my scan, I noticed that the scan threads request/response doesn't look like a actual captured request/response which were captured while crawling the application, Cookie part was removed from the requests for most of the scan threads during scan and got 302 Found, 404 not found, 401 Unauthorized and for some 200 ok. How to resolve this issue?

    1 Agent Answer    0 Community Answer
    Nov 02, 2018 01:31PM UTC
  • Saving HttpRequestResponse to file

    I noticed that there's a method called saveBuffersToTempFiles() that says that it allows saving of HttpRequestResponse objects to a file. Is there anymore information on how to use this? I haven't been able to successfully use it. Is there an alternative way to save the state of extensions using this method or a less hacky way without using addToSiteMap()? https://portswigger.net/burp...

    2 Agent Answers    2 Community Answers
    Oct 30, 2018 09:03PM UTC
  • Burp API Javadoc not accessible

    I noticed that the javadoc for the Burp API is no longer accessible. Was this on purpose for the 2.0 beta? https://portswigger.net/burp/extender/api/

    1 Agent Answer    0 Community Answer
    Oct 13, 2018 09:18PM UTC