Burp Extension for Intruder Payload with multiple payload lists
Hi, I am working on creating a extension for burp suite where a user can choose from a list of payload lists [one list for angular payloads, one list for react payload] according to the framework of...
View ArticleXML tab "Reparse" Programmatically
Hi, I would like to know how the "Reparse" button in the request/response "XML" tab reformats XML documents programmatically via Java. Specifically, I am wondering what library(s) are used for this. I...
View ArticleExtensions are not loading with Burp defaults
Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that...
View ArticleExtension load error code
os win 7 java.lang.ExceptionInInitializerError at org.python.util.PythonInterpreter.(PythonInterpreter.java:100) at org.python.util.PythonInterpreter.(PythonInterpreter.java:94) at...
View ArticlePause scanner from extension
Is there any API to pause the scanner from an extension? For example, let's say you are scanning an API with a rate limiter, and your extension can detect that you are getting close to the limit, can...
View ArticleGet All URLs from a Website
Hello, I am currently writing a burp Extension. I need to get all URLs from the Website before the active Scan. How can I do this? Thanks
View ArticleBurpSmartBuster Not Working
Hello, Whenever I try to use BurpSmartBuster it generates errors and does not work properly. It had worked at some point in the past, but that was at least 6 months ago. I am using Burp Suite Pro...
View ArticleFailed to update Bapp List
Hi, My burp store list fails to be updated. I am using my employer's proxy settings and it may create some conflicts OR block some traffic. Do you have any work around this problem? Do you know how I...
View ArticleOutdated extensions and open pull requests
Hello, some extensions (like "Add Custom Header") don't have their latest version available in the BAppStore, and that lasts for a few months (and I hate having to maintain private versions) First, I...
View ArticleCustom Extension for Whitelisting
Burp Suite Pro v1.7.23 Is it possible to skip a certain link/URL for specific checks (e.g. CSRF, SQL Injection) during a scan, while remaining them ticked in Scanner Options? So for better...
View ArticleJython - ImportError: No module named expatreader
Hi, I would like to use defusedxml package. I am using Jython 2.7.1 standelone and I created virtual pyhton env where I installed defusedxml. I set up in bup extender "folder for loading modules" to -...
View ArticleCan't Add a Extension to be Executed by session handling rule for checking...
Hi, First off just wanted to say that you guys have been doing a great job with Burp, it pretty much covers 85 - 95% of my daily web app pentesting needs with the core functionalities. So my problem is...
View ArticleAdditional Scanner Checks - Does it report HTTP 404 & 403 pages?
Hi, I am wondering if the Burp Extension - Additional Scanner Checks reports missing HTTP headers for HTTP 404 & 403 pages?
View Article