Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Burp Extensions

Make a new post

  • saving state for extension data

    Is there a method to save/restore extension data as part of Burp's "save state"? I didn't see anything in the API docs. Just trying it, the extension data wasn't saved during a save and restore. Anything I'm missing, or should I just write my own save functionality for my data? Thanks!

    4 Agent Answers    3 Community Answers
    Jul 14, 2015 05:48PM UTC
  • Request and response time API must be implemented for logging functionality.

    I have asked in Burp Suite User Forum about "Accessing the response time" for long time ago, and I am waiting for 1.5 years approximately, regarding to http://forum.portswigger.net/thread/686/accessing-response-time On Jan 24, 2014 at 7:00pm ”We hear you :) We should be able to add this feature within the next 1-2 months.” but unfortunately long time no update, I'd l...

    1 Agent Answer    0 Community Answer
    Jul 14, 2015 02:12AM UTC
  • Exporting scan reports using carbonator

    Hi Guys, I have pro license for burp and I am using carbonator to automate my scan on windows. But as soon as the scan finishes, burp shuts down and I am unable to export the reports of scanner. Could you guys please let me know if there is any way to export the results in .html using the carbonator. Thanks in advance -Kalpesh

    1 Agent Answer    0 Community Answer
    Jul 08, 2015 12:48PM UTC
  • VirusTotal Extention

    Greetings- I've been writing an extension that will take a URL that is intercepted by burp and submit it to VirusTotal for analysis. Here is a snippet: def changeSelection(self, row, col, toggle, extend): # show the log entry for the selected row logEntry = self._extender._log.get(row) myVT = virusTotalAnalysis(logEntry._requestResponse.getUrl()) ...

    0 Community Answer
    Jul 06, 2015 10:45AM UTC
  • JRuby + Swing: Stderr doesn't go to UI until extension reload

    Burp 1.6.20, tried JRuby 1.7.12 and 9.0.0.0.rc1. In registerExtenderCallbacks, I instantiate a class that creates a Swing UI for my extension's configuration. The config UI creates a DefaultTableModel to hold my config data and JButtons for adding and removing rows. The JButton add/remove actionlisteners call a method in a Ruby class that reads the table data from the config UI's Defa...

    1 Agent Answer    0 Community Answer
    Jul 06, 2015 02:19AM UTC
  • Issue with the IBurpExtenderCallbacks method removeHttpListener

    I'm trying to remove a HttpListener that I have created. I noticed in the extender javadocs that there is a method called removeHttpListener, however the method doesn't exist in the IBurpExtenderCallbacks.java interface. I'm trying to be able to toggle the listener as I do not wanted to run all traffic through the extension when it isn't necessary. Additionally all of the ot...

    1 Agent Answer    1 Community Answer
    Jun 26, 2015 01:18AM UTC
  • Python interface text control

    Hi guys, I am reading the API documentation and i have not clean the funtion that i need to use for my question. Easy question, what API funtion i have to use for control the text portion selected from any part of 'burp output' ( repeater, request, response , etc )... Similar to API used from "Send to Decoder", that u can select any text and send to decoder. I want se...

    2 Agent Answers    2 Community Answers
    Jun 24, 2015 01:04AM UTC
  • Supported Layout Managers

    I've been noticing that when I use certain layout managers in my extension the extension no longer works. It doesn't throw any errors when I'm loading it, but it never creates its tab. What layout managers are actually supported? Or is this not supposed to be happening?

    1 Agent Answer    0 Community Answer
    Jun 17, 2015 07:15PM UTC
  • Update the content of the Intruder attack window

    I would like to intercept a request after an intruder attack is started. After the intercept, I want to modify the request and send them out. At the moment I'm trying it with a httpListener, but this does not update the attack window. Additionally I observed that Burp sends 2 requests, the first one is the original Intruder request an the second is the request I modified. How could I preve...

    1 Agent Answer    0 Community Answer
    Jun 12, 2015 08:19AM UTC
  • [python] registered callback 'performAction' never called

    I want to use a python extension to calculate a custom header I need to read a header, url and body (in case of POST) and calc a SHA1. my code so far: https://paste.cybertinus.nl/p/u33AS8kCnT I double checked al idents the 1 tab above the line "def performAction(self, currentRequest, macroItems):" is in place in my version, not in the pastebin. ======= from burp import IBu...

    1 Community Answer
    Jun 02, 2015 05:00PM UTC