Professional

Collaborator Everywhere

This extension inserts Burp Collaborator payloads into all HTTP headers and URL parameters of in-scope traffic. It helps uncover vulnerabilities like SSRF and blind RCE by injecting payloads into every possible entry point during active testing.

Note: This extension is an improved version of the original Collaborator Everywhere, developed by James 'albinowax' Kettle. The original source code for Collaborator Everywhere can be found here: https://github.com/PortSwigger/collaborator-everywhere

Features

Original functionality

  • Insert a freshly generated Collaborator payload into certain headers in every request to an in-scope host.
  • Raise an issue if a request to one of these Collaborator URLs has been received.
  • Display detailed information about the request in the issue and which payload caused it.
  • Show the time difference between the original request and the received interaction.
  • Check the tester's own external IP address and add a disclaimer if the interaction was received from that address.
  • Includes payloads to modify HTTP header fields and URL parameters.
  • Payloads can be constructed with a placeholder that is replaced with the Host header value of the original request.

New functionality

  • Payloads can be added, modified, deleted, enabled or disabled in a new tab.
  • Additionally, payloads can be imported from a file. See payloads for examples.
  • All received interactions are displayed in a new tab similar to the built-in Collaborator, with more details provided for individual entries.
  • Requests that caused an interaction are highlighted in the Proxy history.
  • Added new placeholders to use the value of the Origin and Referer header fields in a payload.
  • Interactions are stored persistently in the project file.
  • Settings are stored in Burp's user settings and survive a reload of the extension.

Usage

  1. Ensure your Burp project has a Collaborator server configured (by default, Burp will use the public Collaborator server).
  2. Set your "Target → Scope". This limits where payloads are injected.
  3. Adjust your poll interval as necessary.
  4. When using a browser proxied through Burp, the extension will inject payloads into all headers and parameters of in-scope requests, as specified by your "Payloads" tab.
  5. Monitor the "Interactions" table within the extension tab to analyze incoming responses from the Collaborator server.

This tool is particularly useful for testing out-of-band vulnerabilities in scenarios where manual injection would be time-consuming or error-prone.

Author

Andreas Brombach, Compass Security, James Kettle

Version

2.0.1

Last updated

14 July 2025

Estimated system impact

Overall impact: Low

Memory: Low
CPU: Low
General: Low
Scanner: Low

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.
