Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Burp Extensions

Make a new post

  • Cannot load saved user options with --config-file in command line

    Dear Guys, My problem: I saved the user options into some JSON format configuration file, and then I can load it from GUI successfully, all the configured extensions are there, it's very good. However, I cannot load the configurations by starting Burp-Suite [latest version, 1.7.13, professional] from command line with "--config-file", all extensions are gone...And no clues there...

    2 Agent Answers    1 Community Answer
    Dec 08, 2016 06:06AM UTC
  • Cleanup Scheduler

    Hi everyone I am developing a custom Burp extension which basically modifies HTTP requests and responses (using IHttpListener) of various third-party tools. Since some of these tools are running for a rather long time, I would like to implement a scheduler which does a cleanup, lets say every 10 minutes. I was thinking about the following tasks: - Deleting the proxy history - Deleting the...

    1 Agent Answer    1 Community Answer
    Dec 07, 2016 09:31AM UTC
  • Hey guys

    ─░ts a test post

    1 Agent Answer    2 Community Answers
    Nov 30, 2016 12:33PM UTC
  • Is there any method to get response in two different places

    Is there any method to get response in two different places

    3 Agent Answers    2 Community Answers
    Nov 25, 2016 03:26AM UTC
  • Export sequencer results

    Hi, Is sequencer results are exportable or copyable ? Cheers

    1 Agent Answer    0 Community Answer
    Nov 23, 2016 04:41PM UTC
  • IContextMenuFactory: ICONTEXT_TARGET_SITE_MAP_TABLE only returns Request and No Response

    menu.getSelectedMessages(); returns the proper Request/Responses for pretty much all of the locations, except for CONTEXT_TARGET_SITE_MAP_TABLE . For some reason I'm pulling the request with that one, but not response. Is there something special I need to do to get the full request/response?

    1 Agent Answer    1 Community Answer
    Nov 18, 2016 06:27PM UTC
  • byte[] to IHttpRequestResponse

    Hello, I have two byte arrays with a HTTP request and response, and I would like to create a IHttpRequestResponse containing them both, I have been trying to do it with no success, could someone help me please? Thank you

    1 Agent Answer    1 Community Answer
    Nov 16, 2016 02:02PM UTC
  • Burp Extension: Get Focus on Tab after Custom Menu Action

    I've written a Burp Extension to add functionality. Everything works great, but I'm having one very stupid issue. When a user Right-Clicks on a Request/Response the context menu allows them to send these requests to my extension. For the life-of-me, I can't seem to get the Focus to follow the click, so my custom tab is opened up after data is sent to it. Theoretically, it s...

    1 Agent Answer    3 Community Answers
    Nov 16, 2016 03:51AM UTC
  • Saving Settings with Multiple Extensions

    When I save settings for an extension I use the callbacks like this: mCallbacks.saveExtensionSetting("SOME_NAME", "SOME_VALUE"); But is the saveExtensionSetting method aware of which extension saved it? If I create a different extension that saves a setting using the exact same name does that risk overwriting the first one?

    1 Agent Answer    0 Community Answer
    Nov 15, 2016 09:32PM UTC
  • updateCookieJar: Domain cannot be null

    I have written an extension that submits a login, reads a cookie in the response, and adds it to the cookie jar. The cookie in the response does not include a domain attribute. Set-Cookie: token=znNMQ6l4WvwAQDdmu1rIMxWHiC84Hy4YJ4B1vgQ05oPPuKh-SxG3g_DjhfRbgaTDqMCmAFnUQ9_3M; Path=/; Expires=Wed, 16 Nov 2016 00:16:39 GMT; HttpOnly; Secure I get the cookie as an ICookie from the response: I...

    1 Agent Answer    1 Community Answer
    Nov 15, 2016 12:40AM UTC