Error "Request was dropped by the user" in Custom tab while using Burp extender
Hi, I am new to building burp plugin, I have implemented a message editor, but when I toggle the interceptor on and off, I get an error in the text editor itself: Error: "le>Burp Suite Professional...
View ArticleSerializing IScanIssues
Hello Support Team, So I have created an implementation of IScanIssue but I am getting errors when trying to JSON encode the class like this: "java.lang.IllegalArgumentException:...
View ArticleAccessing marker indexes from Intruder Payload
Hello Support, I am trying to grab the indexes from a user created Intruder payload but it doesn't seem like it is possible within the APIs. If I already have markers I can apply them to a...
View ArticleHow to integrate Scan Check Builder integration with Burp Extension API
How to integrate Scan Check Builder integration with Burp Extension API? I'm able to submit active scans by selecting profile manually through tool. But I want to integrate Scan Check builder with Burp...
View ArticlePackaging Burp Extensions
How are we supposed to package extensions that require both Java and Jython? I've an extension which uses 2 python projects and those 2 use python modules like six. How should I package it for...
View ArticleBurp Extensions Distribution
Hello, Can you please help with the question at https://support.portswigger.net/customer/en/portal/questions/17629848-packaging-burp-extensions?new=17629848? Not sure if it's not answered as there is a...
View Articlehow can I add the resulting of this a burp plugin to the sitemap?
Hi I made a burp plugin to convert get to post and post to get and it is working when I am scanning the web app but how can I add the resulting of this plugin to the sitemap? this is my burp plugin:...
View ArticleBapps folder and non BApp store extensions
Hey guys, I have a question on how Burp installs extensions from BApp store vs local extensions. It looks like for ones installed from the store, Burp stores them under the bapps folder. However for...
View Articletrigger an active scanning programatically
Dear burp team, From an extension I would like to firstly do an passive scanning. Once the application was scanned then I would like programatically for each (passive) request to do an active scanning....
View ArticlePacking/Unpacking custom POST data format for Active Scans
I'm trying to write an extension to test a mobile API endpoint that uses a homebrew message level encryption format. Basically there is a pre-shared AES key between the mobile app and the server, and...
View ArticleMaking a custom extender interface
Hi to all! Im currently creating a burp extension and I was wondering if there was any way to make an interface for it (Not just print things into the extender console). I read something about some...
View ArticleCan I Dynamicly Proxy a Https Request in Burp Extention?
I am writing a random ip proxy extention to handle the problem of bloking ip when exceeding target's request rate limit.But i fount the setHttpService isn't work when the request is https.what can i do...
View ArticleCO2 extension
Hello, may I know whether it is free to install the co2 extension in burp suite professional? thanks
View ArticleHeadless burp authenticated scans
How can I perform an authenticated scan using headless burp?
View ArticleAdd Custom Headers stopped to work.
Hi Guys! Any changes in Add Custom Headers extension? It stopped to work on Linux/Windows/1.7 and 2.X Burp versions. (:
View ArticleTrouble integrating requests python library and jython
Im currently building a burp extension using Jython. At one point I basically get URLs from the proxy Tab and make an additional request with that url+someEndpoint with the Python Requests library. The...
View ArticleOld version of AutoRepeater in the BApp store
Hello, extension AutoRepeater is available in the BApp store as version 1.0 from April, 4th 2018. The latest commit from the original repository https://github.com/nccgroup/AutoRepeater was on July...
View ArticleBurp Suite Automation
Hi All We are trying to automate to test various vulnerabilities like xpath injection,sql injection, Cross-site scripting etc. We have referred the following link...
View ArticleSend to decoder programmaticaly from extensions
There are methods in IBurpExtenderCallbacks for sending data to - repeater, - intruder, - comparer, and - spider. Why isn't there one for decoder? When writing a custom message editor with a custom...
View ArticleScan Configuration
I am building an extension that calls doActiveScan and doPassiveScan. Is there a way to specify the scanner configuration. Currently tasks are created and there is a default scanner configuration used...
View Article