Professional Community

Reshaper

Trigger actions and reshape HTTP request and response traffic using configurable rules

Rules

Rules allow you to set actions to perform (called Thens) if HTTP messages/connections (event) received by Burp Suite meet certain criteria (called Whens). Rules are processed in order.

Whens

  • Event Direction - If the HTTP message is a Request or Response
  • Has Entity - If the HTTP event contains a certain entity
  • Matches Text - If a value (text, variable, or HTTP event entity) matches a value
  • Content Type - If the HTTP request body is reported to match specified content types
  • MIME Type - If the HTTP response body is reported to match specified MIME types
  • Proxy Name - If received by a certain Burp proxy listener
  • From Tool - If the HTTP message is from a specific Burp tool
  • In Scope - If the URL is in the suite-wide scope

Thens

  • Break - Stop rules or then action processing
  • Delay - Delay further processing/sending of the HTTP event
  • Log - Log message to the Burp extension console
  • Highlight - Highlight the request/response line in the HTTP history
  • Comment - Add a comment to the request/response line in the HTTP history
  • Prompt - Get text via a prompt dialog
  • Run Rules - Run a specific rule or all auto-run rules
  • Run Script - Execute a JavaScript script
  • Evaluate - Perform operations on values
  • Set Event Direction - Change whether to send a request or to send a response at the end of processing
  • Set Encoding - Set the encoding used to read and write bytes of the HTTP request or response body
  • Set Value - Set the value of an HTTP event using another value (text, variable, or HTTP event entity)
  • Delete Value - Remove an HTTP message entity
  • Set Variable - Set a variable using another value (text, variable, or HTTP event entity)
  • Delete Variable - Delete a variable
  • Save File - Save text to a file
  • Send To - Send data to other Burp tools or the system default browser
  • Run Process - Execute a command in a separate process
  • Build HTTP Message - Build an HTTP request or response message and store the full text in a variable
  • Parse HTTP Message - Extract values from an HTTP request or response message and store the values in variable
  • Send Request - Send a separate HTTP request
  • Drop - Have Burp drop the connection

Variables

Share values across different rules while processing the same event or all events

Author

Author

Daquanne Dwight

Version

Version

1.8.3

Rating

Rating

Popularity

Popularity

Last updated

Last updated

06 July 2022

Estimated system impact

Estimated system impact

Overall impact: Low

Memory
Low
CPU
Low
General
Low
Scanner
Low

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.

Go back to BappStore

Note:

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.