Burp Extensions

Make a new post

  • Get local path of burp file via API

    I'm looking to be able to save information to the same directory as my Burp project file through a Burp Extension. I organize my project files in folders with respect to the applications I'm testing. There is the getCommandLineArguments method from callbacks, however I don't run Burp through the command line. I'd be fine doing this, but I'm not sure if I can load a...

    2 Agent Answers    2 Community Answers
    Dec 10, 2018 03:41PM UTC
  • Custom payload processor / generator

    My intruder scenario is brute forcing uids that are calculated based date. Current intruder has date payload, that is superb for the job. Now i would like to process these dates with my custom extension that formes uid from date. However there is one to many relationship here - one date generates up to 999 different uids. How can i return multiple processed payloads from my extension processPay...

    1 Agent Answer    0 Community Answer
    Nov 21, 2018 04:48PM UTC
  • Issues with burp scanner

    For one of my scan, I noticed that the scan threads request/response doesn't look like a actual captured request/response which were captured while crawling the application, Cookie part was removed from the requests for most of the scan threads during scan and got 302 Found, 404 not found, 401 Unauthorized and for some 200 ok. How to resolve this issue?

    1 Agent Answer    0 Community Answer
    Nov 02, 2018 01:31PM UTC
  • Saving HttpRequestResponse to file

    I noticed that there's a method called saveBuffersToTempFiles() that says that it allows saving of HttpRequestResponse objects to a file. Is there anymore information on how to use this? I haven't been able to successfully use it. Is there an alternative way to save the state of extensions using this method or a less hacky way without using addToSiteMap()? https://portswigger.net/burp...

    2 Agent Answers    2 Community Answers
    Oct 30, 2018 09:03PM UTC
  • Burp API Javadoc not accessible

    I noticed that the javadoc for the Burp API is no longer accessible. Was this on purpose for the 2.0 beta? https://portswigger.net/burp/extender/api/

    1 Agent Answer    0 Community Answer
    Oct 13, 2018 09:18PM UTC
  • Burp Extension + UpStream Proxy SLOWWWW

    Hi all, I created a burp extension that decrypts AES traffic. The infrastructure I am testing is in such way that all requests' payloads are being encrypted with AES. In order to work around this, I am sending the request to another Burp Instance to do the analysis and then finally send it to the server. The problem I am facing is that when I make a request, it takes around 3 minutes...

    1 Agent Answer    1 Community Answer
    Oct 10, 2018 03:09PM UTC
  • Accessing rendered HTML

    Hi, Is it possible to analyze the contents of a response once it has been rendered? i.e - The magic behind the render tab Thanks

    2 Agent Answers    2 Community Answers
    Oct 05, 2018 02:59AM UTC
  • Payload generator UUID

    Is there an extension of the burp that create UUIDs on payloads?

    3 Agent Answers    2 Community Answers
    Sep 27, 2018 11:19PM UTC
  • Burp extention: Use of 'Analyze Traget' in custom extender

    Hi, Can I get data(Engagement Tool->Analyze Target) of a target URL in custom burp extension? Actually, I need the data before running the scanner. If I get the data in extension, I can log the values when the scanner starts for a specific target.

    1 Agent Answer    0 Community Answer
    Sep 10, 2018 10:32AM UTC
  • Failed to load any python extension

    Hi! I have a problem with loading any python base extension in burp. I downloaded a jyton-standalone-2.7.0.jar and also configured python environment in extender options but when I want to install any python base extension via BApp Store I get error in the bottom right corrner "Failde to load BApp". I am using java in version - jdk-9.0.4 (burp is working fine). Does anyone know whe...

    4 Agent Answers    4 Community Answers
    Sep 06, 2018 03:40PM UTC