JUnit test with Burp Extensions
Hi, I'm developing a Burp Extension and want to add some testing. Is there a way to create IHttpRequestResponse objects manual? Or retrieve callbacks during a JUnit test, without starting Burp. I do not really know what to do. Thanks for your help!1 Agent Answer 0 Community AnswerSep 14, 2015 03:48PM UTC
IScannerCheck -- Consolidate Duplicate issues method
My question is about the consolidateDuplicateIssues Method. Currently I am writing an extension that passively scans for certain strings in requests. The problem is that there are multiple requests for each site, and the same string in each of the requests. This results in a great deal of duplicate issues, which is the exact problem that the method to , well, consolidate issues is supposed to cor...2 Agent Answers 2 Community AnswersSep 14, 2015 03:14PM UTC
Highlight a tab
Is it possible to highlight an extension tab? When you do "Send to repeater" the repeater tab is highlighted. I'm working on a reporting extension, and I've added "Send to report" to the context menu. I'd like it to highlight the report tab. Many thanks! Paul1 Agent Answer 1 Community AnswerSep 14, 2015 12:57PM UTC
How do I Set a Token in URL Directory.
Hi, I want to set a token in URL Directory. And, I use macro. so I want to custmize Macro (on Intruder). Test Site has a Token in URL directory, don't have a url parameter. (Exp. http://xxxxxxxx/test/123456token/) How do I set a Token in URL Directory? I made extender using ISessionHandlingAction. But, I can not custmize macro & intruder...1 Agent Answer 0 Community AnswerSep 10, 2015 03:00AM UTC
Portable Burp Suite: Windows Auto Start Script
This script will automatically run the latest burp Jar and set java home path for portable installs :) @echo off echo this includes: echo portable java 8 64bit echo python support in burp echo CO2 and Logger++ echo rmccurdy.com echo cleaning config rem regedit /s INIT_WIPE_CONFIG.reg echo importing config rem regedit /s INIT_BASE_CONFIG.reg echo importing licence file r...0 Community AnswerSep 04, 2015 07:17PM UTC
How to change proxy by an extension when using intruder
Hello there. I posted a question( http://forum.portswigger.net/thread/1646/change-upstream-proxy-extension ) on forum not long ago, and developer gave me a rather primitive but direct recommendation. Actually, I toke another way to change the proxy on extension( https://github.com/retanoj/BurpMultiProxy ), like "Traffic rediector example", redirect request HttpService (protocol, host, ...2 Agent Answers 2 Community AnswersSep 03, 2015 06:34AM UTC
Adding GetSiteMap() to Carbonator
I'm attempting to add to the carbonator extension a method for extracting the sitemap URLs into a text file. The code I have written so far is below, and the output I get is 'array(burp.IHttpRequestResponse)'. I know I need to call the IHttpRequestResponse interface somehow to tap into the array. I import it from burp at the beginning of the code, but when I add that call to the Bur...2 Agent Answers 3 Community AnswersAug 31, 2015 03:53PM UTC
burp hangs while shell command completes
Hello, I have an extension which calls a shell command that takes a bit to complete. After invoking this from the context menu, burpsuite hangs and resumes after the command completes. I have tried using threading to avoid the hang but have not had any luck. The extension is written in python and I am using Popen and communicate because I need certain tasks to wait until the command completes. A...1 Agent Answer 0 Community AnswerAug 31, 2015 01:17PM UTC
The scanner report size is not consistant for the same web site.
Hi we have a job (scheduled to run once a day) that invokes BURP (with carbonator extension) through cammand line. this setup is been working for quite a while. when we look at scanner reports we see that some days it is 16MB other days it is 11MB or something else. we want to know why there difference in the repoted issues (or generated report size) for the same website.2 Agent Answers 1 Community AnswerAug 12, 2015 10:13AM UTC
How Does Burp Handle Responses?
Hi, I hope this is not a duplicate question, but I couldn't find the response to it. I wonder if it is worth checking if the response I'm analyzing for the PDF Metadata Extension is actually a PDF file before reading the response. Does Burp read the whole answer with response = self._requestResponse.getResponse() already? If yes, is the impact on resources high enough that it is...1 Agent Answer 0 Community AnswerAug 06, 2015 08:24AM UTC