Burp Extensions

Make a new post

  • Python IDE code completion

    Hello, I'm trying to properly setup a Python IDE so I can start can play around and create some Burp extensions. One of the advantages of using an IDE is of course code completion. However, I can't seem to figure out how this is done using Jython. Pycharm seems like a solid IDE. I did find this post describing how to add code completion with Jython: http://stackoverflow.com/questio...

    1 Community Answer
    Feb 14, 2016 03:52PM UTC
  • Burp Ext

    When I am running burp extension, I keep on getting following errors: Scanner: Timeout in transmission from xyz.com and Proxy: No response received from remote server. Is there anything I can do resolve this error.

    1 Agent Answer    0 Community Answer
    Feb 08, 2016 07:50PM UTC
  • NullPointerException while attempting passive or active scan from extension

    Hi Team - I am using Burp Suite Pro v1.6.36 and trying to automate passive and active scanning on incoming requests via Burp proxy. I get a NullPointerException while attempting to perform a passive or active scan and further processing seems to get skipped (i.e. adding to active scan queue, in case of active scan). However, in Burp suite UI, I see some issues getting captured as part of the ...

    1 Agent Answer    1 Community Answer
    Feb 02, 2016 04:44PM UTC
  • AMF Deserialization Dispaly Tag

    How to configure to see the AMF Deserialization tag in request and response. Refer :- https://www.netspi.com/DesktopModules/SunBlog/Handlers/Print.aspx?id=68 But it's showing error while I add it to burp extensio.

    1 Agent Answer    0 Community Answer
    Feb 02, 2016 02:33PM UTC
  • HTTP/2 - Upgrade Header filtered

    Hi, I was experimenting with curl, sending HTTP/2 requests and realised that Burp is filtering/replacing the HTTP/2 Upgrade header since version 1.6.33. Therefore no HTTP/2 communication is established with the server. I know that Burp is not supporting HTTP/2 yet and the HTTP/2 frames cannot be decoded in Burp, but is it possible to get the original, unfiltered content if a HTTP/2 request is s...

    1 Agent Answer    1 Community Answer
    Jan 28, 2016 05:37AM UTC
  • Session handling in Burp extensions

    Hi, I am currently implementing a specific attack with a Burp extension. Before I start the attack, I need to delete all cookies for the target domain. The attack consists of several HTTP requests. For these requests I need a session handling. I have been using Burps cookie jar by enabling the cookie jar for extensions (under Options->Sessions). I delete the cookies for the target domain...

    2 Agent Answers    0 Community Answer
    Jan 25, 2016 01:18PM UTC
  • Unable to intercept the web socket requests in v1.6.34

    Hi, I was able to intercept & retrieve the web socket traffic in burp v1.6.31. But same traffic I'm unable to retrieve in v1.6.34. Could you please help me to resolve this issue. Thanks & Regards, Sharath

    2 Agent Answers    0 Community Answer
    Jan 21, 2016 01:43PM UTC
  • Save and restore state of an extension

    Hi! I'm working on a "Save and Restore state" for a Burp Suite plugin. The state must contain also some IHttpRequestResponsePersisted. My idea was to save host, port, protocol, request bytes and response bytes and then restoring in this way: httpService = buildHttpService(host, port, protocol) IHttpRequestResponse reqRes = makeHttpRequest(httpService, request) reqRes.setResp...

    1 Agent Answer    0 Community Answer
    Jan 01, 2016 10:54AM UTC
  • Bapp Extension Signature

    When installing a Burp extension from the Bapp Store I see a "BappSignature.sig" file is part of the install. I assume this is a Bapp Store generated digital signature of the extender package and is checked by Burpsuite when installed. But I cannot find any documentation of this feature. Is my assumption correct? Thanks

    1 Agent Answer    0 Community Answer
    Dec 30, 2015 03:21PM UTC
  • Extract Response Message Body

    Hey , I am making my first extension using Java in NetBeans, and I need to extract the message from the Response so that I can perform my operations over it. But after checking the examples and other javadocs , I was unable determine how to do it. Kindly, let me know how can I extract the message from the response??

    1 Agent Answer    1 Community Answer
    Dec 30, 2015 09:29AM UTC