Burp Extensions

Make a new post

  • Sqlite-jdbc and jython

    Hello, I am trying to do a Python Burp Suite extension (with jython 2.7) and I want to use sqlite to save some data. I have some code examples to use "sqlite.JDBC" working properly with "jython" through the following commands: - export CLASSPATH=/tmp/sqlite-jdbc-3.7.2.jar:$CLASSPATH - jython example.py I have a problem when I try to use this examples like Burp Suite ...

    1 Agent Answer    0 Community Answer
    Apr 23, 2015 03:45PM UTC
  • Burp extension - OS Scanner

    Just wondering if there are any type of extensions that may report OS vulnerabilities at all.

    1 Agent Answer    0 Community Answer
    Apr 21, 2015 06:13PM UTC
  • Burp plugin that does not launch Burp GUI

    We want to write a plugin that runs certain Burp functions, but does so in the background, and without launching the Burp GUI. Is there a way to suppress the GUI while executing certain functions (e.g., Scan)? Please advise. Thanks for any assistance!

    1 Agent Answer    1 Community Answer
    Apr 16, 2015 09:06PM UTC
  • Use "Extract" UI in Plugin

    Hello, Is it possible to integrate the existing Intruder "Define grep extract item" UI (or the Macro::Configure Item "Define Customer Parameter" UI) as part of an extension? I read through the API documentation but could not find a place where this might be exposed. Thanks, Jon

    1 Agent Answer    1 Community Answer
    Mar 10, 2015 02:33PM UTC
  • Parsing AMF3 - Burp

    Hi, I have a Flex app that is sending data using AMF3. I can see the contents in the AMF decode just fine. The problem now is that one of my request parameters is a Byte array. I can edit it in Raw mode, but if the length is increased/decreased by even a single byte - it messes up my request. And I can't apparently edit the Byte array contents using the AMF3 decoder - I can edit other fields...

    1 Agent Answer    1 Community Answer
    Mar 05, 2015 03:55PM UTC
  • Jira integration in the Scanner tool

    I would love to see an integration with Jira bugtracking. This way the scanned vulnerabilities can be quickly documented and sent for mitigation. The creation of the issue would preferably include the description and mitigation from the scanner and the full request and response. A screenshot of the rendered webpage would also be a nice as an attachment. Andy

    5 Agent Answers    4 Community Answers
    Mar 04, 2015 02:36PM UTC
  • exitSuite

    Can someone provide some example code for stopping burp suite programmatically using exitSuite as a Burp extension?

    2 Agent Answers    1 Community Answer
    Feb 25, 2015 06:34PM UTC
  • Which Java?

    do i need to install Java SE Runtime (oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html) or Java for windows (java.com/en/download/windows_xpi.jsp?locale=en) to work with Extensions correctly? i see here that support suggested to use Java SE http://forum.portswigger.net/thread/1167/unable-load-extensions-bapp-store is there a difference between both and do i get any ...

    1 Community Answer
    Feb 14, 2015 08:31PM UTC
  • Browser repeater extansion failed to load

    Hi, I'm trying without luck to load "Browser repeater" extension. I'm doing this under 1.6.09 and 1.6.10 Burp Pro versions with jython-standalone-2.5.4-rc1.jar. I'm getting all the time the following error. Does anybody knows how that can be resolved? " org.openqa.selenium.WebDriverException: java.lang.NullPointerException Build info: version: 'u...

    1 Agent Answer    0 Community Answer
    Feb 10, 2015 01:37PM UTC
  • Extension which scans a predined list of urls

    Is there a current extension which will take a predefined list of URL's and scan them? I was writing my own extension and I was able to use sendToSpider(url) method to add my URL to the spider but I wanted to know if there a way where instead of sending this URL to the burp spider I can directly send it to the scanner i.e. tell burp to do a scan on this URL.

    1 Community Answer
    Feb 09, 2015 11:21PM UTC