1. Support Center
  2. BApp Store
  3. Burp CSJ
Professional Community

Burp CSJ

This extension integrates Crawljax, Selenium and JUnit together. The intent of this extension is to aid web application security testing, increase web application crawling capability and speed-up complex test-cases execution.

Quick Start:

  • Install the BurpCSJ extension into Burp.
  • Choose the URL item from any Burp tab (e.g. target, proxy history, repeater).
  • Right click on the URL item.
  • Choose menu item "Send URL to Crawljax".
  • Crawljax will automatically start crawling the URL that you choose.

Minimum Requirements:

  • Java 1.7.
  • A modern browser installed (e.g. Firefox 34.x).
  • If you intend to use JUnit, then you would need JDK to compile classes and Selenium IDE to export JUnit test cases.
  • Enough memory when starting Burp if you also want to use BurpCSJ (recommended to use a 64bit env)

If you are planning to use Chrome, IE or PhantomJS browsers you would need the following drivers/executables:


Tested on:

  • Windows 7 with Java(TM) SE Runtime Environment (build 1.8.0_25-b18) and Burp Pro 1.6.09
  • OS X Mavericks with Java(TM) SE Runtime Environment (build 1.7.0_67-b01) and Burp Pro 1.6.05
  • Kali Linux with OpenJDK Runtime Environment (IcedTea 2.5.1) (7u71-2.5.3-2) and Burp Suite Free 1.6

Known Issues:

  • If you intend to use BurpCSJ when crawling over HTTPS, then it is recommended to use Firefox or Chrome browsers.
  • There are issues with Remote WebDriver and browsers such as PhantomJS or IE.
  • Also, there is an issue using the 64bit IE Driver (recommended to use the 32bit one instead).
  • When a crawling session is started and you need to interrupt for any reason, the browser driver might not close properly, so you might decide to kill it.
Author Roberto Suggi Liverani
Version 1.2
Last updated 23 March 2015

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for this BApp by visiting our GitHub page.
Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.
Download BApp

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.

Go back to BappStore