Getting Started with Burp Suite
Burp Suite Documentation
Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.
| Full Documentation Contents | Burp Projects |
| Suite Functions | Burp Tools |
| Options | Using Burp Suite |
Burp Extender
Burp Extender lets you extend the functionality of Burp Suite in numerous ways.
Extensions can be written in Java, Python or Ruby.
| API documentation | Writing your first Burp Suite extension |
| Sample extensions | View community discussions about Extensibility |
Burp Extensions
Make a new post
-
Can't modify scanner issues context menu
When I try to add a context menu entry to the scanner issues context menu, nothing shows up, it also does not return a InvocationContext when I right click on the scanner issues.
2 Agent Answers 2 Community AnswersMay 15, 2018 07:40AM UTC -
Generating Customised Intruder Attacks from an Extension
Hi, I'm trying to create a burp extension which generates customised intruder attacks. I'm aware that I can create attacks with some level of control (https://portswigger.net/burp/extender/api/burp/IBurpExtenderCallbacks.html#sendToIntruder(java.lang.String,%20int,%20boolean,%20byte[],%20java.util.List) ), however, is there any way to set options such as the attack type, number of thr...
2 Agent Answers 1 Community AnswerMay 05, 2018 06:37PM UTC -
Active scanning sorting features and insertion points fine control.
Hello, With the aim of automating Burp scan in a development cycle, I wish to get the proxy history of a specific Burp project and launch an active scan on each items. To do so I was wondering if you would make the "remove duplicates" function available in the API (the same as in the menu when launching active scan on a bulk of items) ? Secondly, is there a way to have more fine...
1 Agent Answer 0 Community AnswerApr 24, 2018 04:58PM UTC -
API function to change Response on the fly
Hi I'm aware of Match and Replace feature to change response on the fly. But is there a way to do it from plugin API ? I'm looking at potential API https://portswigger.net/Burp/extender/api/burp/IHttpRequestResponse.html#setResponse(byte[]) Please correct me if I'm wrong.
1 Agent Answer 0 Community AnswerApr 16, 2018 06:47AM UTC -
Giving some input parameters to A Burp Suite Extension !..
Hello Burp, I wrote a new Burp Suite extension and I can load it to Burp and work with Burp. But I want to give a parameter to the extension so this extension can use this parameter while its running. How it is possible? I wrote extension with Java. I guess that there can be some function to create a text box at Details tab which is at Extender tab, and so user can enter parameter to this t...
1 Agent Answer 0 Community AnswerApr 15, 2018 03:03PM UTC -
AMF
What is the current state of AMF support within Burp and Burp plugins? Searching through old support post most AMF support seems very outdated. I'm using Pro 1.7.30. I've tried Blazer. It throws a null pointer exception when doing just about anything. I tried the plugin from NetSPI (https://github.com/NetSPI/Burp-Extensions/tree/master/BurpAMFDSer/New_APIs/executables). Loa...
1 Agent Answer 1 Community AnswerApr 06, 2018 11:09PM UTC -
Burp Extension
Hello there, I am getting the following exception when I'm trying to log a Jython extension I made, please let me know if anyone has face this :S java.lang.RuntimeException: org.python.core.PyException at burp.ih.a(Unknown Source) at burp.omd.<init>(Unknown Source) at burp.ipb.a(Unknown Source) at burp.wi.c(Unknown Source) at burp.wi.a(Unknown Source) at burp.hd.run(U...
1 Agent Answer 0 Community AnswerApr 06, 2018 07:52PM UTC -
Extension does not load when BURP is loaded through Windows Task Scheduler while not logged in
I'm trying to run BURP with my extension with the Windows's Task Scheduler. When I'm logged in, the Task Scheduler is able to open BURP in headless mode and preload my python extension fine. The issue is when I'm not logged into the Windows. I written an command line output to txt file so I see BURP was successfully opened, but I don't see my see outputs from my extensi...
2 Agent Answers 1 Community AnswerApr 04, 2018 05:59PM UTC -
BurpSmartBuster Not Working
Hello, Whenever I try to use BurpSmartBuster it generates errors and does not work properly. It had worked at some point in the past, but that was at least 6 months ago. I am using Burp Suite Pro 1.7.32, on Windows 10. These are the errors I see in the Extender section for BurpSmartBuster: Exception in thread Thread-smartRequest:Traceback (most recent call last): File "C:\Users\&l...
1 Agent Answer 0 Community AnswerMar 25, 2018 06:43PM UTC -
Design new extension - Problem with buildRequest and URL Encode
Hi! I'm new to extending Burp and I wanted to add an active scanner plugin for some injections. When I making the requests with a payload with special characters, for example <script>alert(1)</script>, the request encoded my payload with "URL encode". My code is as follows: for(String payload: payloads){ IHttpRequestResponse test = this.callbacks.makeHttpRe...
6 Agent Answers 6 Community AnswersMar 23, 2018 12:11PM UTC