Burp Extensions

• Issues with burp scanner

  For one of my scan, I noticed that the scan threads request/response doesn't look like a actual captured request/response which were captured while crawling the application, Cookie part was removed from the requests for most of the scan threads during scan and got 302 Found, 404 not found, 401 Unauthorized and for some 200 ok. How to resolve this issue?

  1 Agent Answer    0 Community Answer

  Nov 02, 2018 01:31PM UTC
• Saving HttpRequestResponse to file

  I noticed that there's a method called saveBuffersToTempFiles() that says that it allows saving of HttpRequestResponse objects to a file. Is there anymore information on how to use this? I haven't been able to successfully use it. Is there an alternative way to save the state of extensions using this method or a less hacky way without using addToSiteMap()? https://portswigger.net/burp...

  2 Agent Answers    2 Community Answers

  Oct 30, 2018 09:03PM UTC
• Burp API Javadoc not accessible

  I noticed that the javadoc for the Burp API is no longer accessible. Was this on purpose for the 2.0 beta? https://portswigger.net/burp/extender/api/

  1 Agent Answer    0 Community Answer

  Oct 13, 2018 09:18PM UTC
• Burp Extension + UpStream Proxy SLOWWWW

  Hi all, I created a burp extension that decrypts AES traffic. The infrastructure I am testing is in such way that all requests' payloads are being encrypted with AES. In order to work around this, I am sending the request to another Burp Instance to do the analysis and then finally send it to the server. The problem I am facing is that when I make a request, it takes around 3 minutes...

  1 Agent Answer    0 Community Answer

  Oct 10, 2018 03:09PM UTC
• Accessing rendered HTML

  Hi, Is it possible to analyze the contents of a response once it has been rendered? i.e - The magic behind the render tab Thanks

  2 Agent Answers    2 Community Answers

  Oct 05, 2018 02:59AM UTC
• Payload generator UUID

  Is there an extension of the burp that create UUIDs on payloads?

  3 Agent Answers    2 Community Answers

  Sep 27, 2018 11:19PM UTC
• Burp extention: Use of 'Analyze Traget' in custom extender

  Hi, Can I get data(Engagement Tool->Analyze Target) of a target URL in custom burp extension? Actually, I need the data before running the scanner. If I get the data in extension, I can log the values when the scanner starts for a specific target.

  1 Agent Answer    0 Community Answer

  Sep 10, 2018 10:32AM UTC
• Failed to load any python extension

  Hi! I have a problem with loading any python base extension in burp. I downloaded a jyton-standalone-2.7.0.jar and also configured python environment in extender options but when I want to install any python base extension via BApp Store I get error in the bottom right corrner "Failde to load BApp". I am using java in version - jdk-9.0.4 (burp is working fine). Does anyone know whe...

  4 Agent Answers    4 Community Answers

  Sep 06, 2018 03:40PM UTC
• Failed to import .py extension: OSError: [Errno 0] chdir not supported in Java

  As the title says, I am facing this when trying to install Python extensions in Burp. Is it something related to jython environment variables? Thanks This is the complete traceback: Traceback (innermost last): File "<string>", line 1, in ? File "/Users/alex/jython2.2.1/jython.jar/Lib/javaos.py", line 121, in chdir OSError: [Errno 0] chdir not supported in...

  1 Agent Answer    0 Community Answer

  Sep 04, 2018 03:38PM UTC
• burp.byc

  I was wondering if you have any idea what could lead to the following python stack trace when using the makeHttpRequest Burp extension API? Traceback (most recent call last): File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/UploadScanner.py", line 903, in doActiveScan self.do_checks(injector) File "/root/.BurpSuite/bapps/b2244cbb6953442cb3c82fa0a0d908fa/Up...

  4 Agent Answers    3 Community Answers

  Aug 29, 2018 09:42AM UTC