Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Burp Extensions

Make a new post

  • How do I highlight requests in a custom ITextEditor?

    I am writing a extension that adds a IMessageEditorTab to each request that displays a modified HTTP body. The base of the code is very similar to How do I get the ITextEditor to colorize the HTTP request the way it does in the raw tab?

    1 Agent Answer    0 Community Answer
    May 19, 2017 09:41AM UTC
  • SAXParser Dependency Delimma

    Hi guys, I'm in the process of writing a Burp extension in Python, and one of the dependency libraries makes use of the "xml.etree.cElementTree" module to parse XML markup. The problem is that any call to the "xml.etree.cElementTree.parse" function causes Jython to raise the following exception "java.lang.ClassNotFoundException: org.apache.xerces.parsers.SAXPars...

    7 Agent Answers    12 Community Answers
    May 19, 2017 08:02AM UTC
  • Extension for session handling not loaded

    Hi, I use Extensions together with Makros and Makro-Postprocessing Extensions (for Session Management und Relogin). Generell the concept works. From time to time (every other our) I get alerts ("Configured Burp extension session handling is not loaded: ...") To fix this, I currently reconfigure the Session handling rule to remove the extension action handler, restarts burp, add ...

    4 Agent Answers    4 Community Answers
    May 12, 2017 09:37AM UTC
  • Override final ActiveScan values to insert custom payload?

    Is there a way to override ActiveScan checks or the order of checks so a custom check is run last? I'm trying to detect a certain type of XSS attack in our application where we're using Selenium to detect if javascript actually executes or not. I'm trying to find a way to keep my custom attack in all the fields long enough to run the selenium checks. Either by putting it at the e...

    1 Agent Answer    0 Community Answer
    May 08, 2017 03:44PM UTC
  • IContextMenuInvocation - getSelectedMessage of original request / response

    Hi I have added a custom context menu item, which reads the selected text of the currently open request / response. So far so good, however in the history view of Burp, when i have three tabs, i can only differentiate between Edited Request and Response. This means if the user has the Original Request Tab open and uses the context menu, the Edited Request text is returned from ihrr.getRequest...

    2 Agent Answers    1 Community Answer
    May 05, 2017 11:42AM UTC
  • Setting up Burp Proxy

    is there any way i can set up burp proxy and port programmatically using burp extender?

    2 Agent Answers    1 Community Answer
    May 04, 2017 08:12PM UTC
  • Cannot import burp Extentions from python file

    I'am trying to import IBurpExtender into my extention but I cant seem to import any of the API. I keep getting an import error. I cant figure out what is wrong. Traceback (most recent call last): File "/opt/......./", line 4, in <module> from burp import IBurpExtender File "/opt/......../", line 4, in <module> from burp import I...

    4 Agent Answers    4 Community Answers
    May 02, 2017 08:55PM UTC
  • Using IBurpExtenderCallbacks.makeHttpRequest at Background

    I am trying to send 10 new requests after all requests generated by proxy. For that, I am handling requests in processHttpMessage method and sending requests with IBurpExtenderCallbacks.makeHttpRequest. It works but the problem is that you wait until those 10 requests made to see response of proxy and it takes time. I want those requests are sent at background while i am using burp proxy simult...

    1 Agent Answer    1 Community Answer
    Apr 29, 2017 10:19PM UTC
  • Custom Hotkey for Burp Extension

    Dear Portswigger Team, Is it possible to register a hot key for an action provided by an extension? My use case is the following: I have created a new behaviour for "Send to Intruder" (default ctrl+i) and for this purpose added a new context menu item. Ideally, this menu action could be invoked by a custom hot key, e.g., ctrl+shift+i. Cheers, Franz

    1 Agent Answer    0 Community Answer
    Apr 23, 2017 03:46PM UTC
  • IMessageEditor get selected Offset (similar to textEditor)

    Hi Team I'm using an IMessageEditor object to create a combination of repeater and intruder. However, the function i am missing for IMessageEditor is the getSelectionBounds() (which exists for ITextEditor . What would be a good way to achieve this?

    3 Agent Answers    2 Community Answers
    Apr 17, 2017 05:04PM UTC