ProfessionalCommunity Edition
Filtering the HTTP history with Bambdas
-
Last updated: December 3, 2024
-
Read time: 2 Minutes
You can write Java-based Bambdas to create custom filters for your HTTP history.
Two objects of the Montoya API are available to help you write your Bambdas:
-
ProxyHttpRequestResponse
-
Utilities
To create a Bambda to filter your HTTP history:
-
In the Proxy > HTTP history tab, click the filter bar to open the HTTP history filter window.
The filter bar only appears when there is one or more messages in your HTTP history.
-
In the HTTP history filter window, click the Bambda mode tab.
-
Write your Bambda using Java.
-
Click Apply. This runs the Bambda and outputs any console output or compilation errors into the console. You must resolve any compilation errors before Burp can apply your Bambda.
-
Click Apply & close.
Burp compiles your Bambda and applies it to every item already logged in your HTTP history, and to any future HTTP traffic generated in this project.
Warning
Using slow running or resource-intensive Bambdas can slow down Burp. Write your Bambda carefully to minimize performance implications.
Example Bambda
In the example below, we'll create a Bambda that filters the HTTP history to show only items that meet the following criteria:
-
The request must have a response.
-
The response must have a
3XX
status code. -
The response must have a cookie set with the name
session
.
In this example, our Bambda is:
if (!requestResponse.hasResponse()) {
return false;
}
var response = requestResponse.response();
return response.isStatusCodeClass(StatusCodeClass.CLASS_3XX_REDIRECTION) && response.hasCookie("session");
Converting HTTP history filter settings to Bambdas
If you have already used Settings mode to configure an HTTP history filter, you can convert these settings to a Bambda.
Note
Converting your filter settings overwrites any existing Bambda in your HTTP history.
To convert your filter settings to a Bambda:
-
In the Proxy > HTTP history tab, click the filter bar to open the HTTP history filter window.
-
Make changes to the filter settings (if necessary).
-
At the bottom of the HTTP history filter window, click Convert to Bambda.
Your filter is now converted into a Bambda, enabling you to customize it further using Java.
Related pages
For more information on how to load Bambdas, save your Bambda, or troubleshoot errors with your Bambda, see our Bambdas documentation.