Get involved in the Burp challenge for opportunities to test your skills and win swag  –   Challenge me

PROFESSIONALCOMMUNITY

Filtering the WebSockets history

  • Last updated: November 25, 2022

  • Read time: 2 Minutes

You can filter the WebSockets history to make it easier to analyze. This enables you to systematically examine a large Proxy history and understand where different kinds of interesting requests appear.

The filter bar above the list of interactions describes the current display filter. To configure this, click the filter bar to open the Filter settings window.

WebSocket history filters

In the Filter settings window you can:

  • Filter by request type - You can choose to show:

    • Only the items that are in-scope.
    • Only incoming messages.
    • Only outgoing messages.
  • Filter by search term - You can:

    • Filter responses that contain a specified search term.
    • Use a literal string or a regular expression.
    • Make your search case-sensitive.
    • Select Negative search, so only items that don't match the search term are shown.
  • Filter by annotation - This enables you to only show items with comments or highlights.
  • Filter by listener - You can show items received on a specific listener port. This can be useful when testing access controls.

The filters only control what is displayed. If you hide items, they are not deleted: they reappear if you reset the filter.

Adding annotations

You can add comments and highlights to history items. This enables you to describe the purpose of different items, and to flag interesting items for further investigation.

To highlight a WebSockets history item:

  1. In the WebSockets history tab, select the history item from the list.
  2. Right-click the item and select Highlight.
  3. Select a color from the list.

To add a comment:

  1. In the WebSockets history tab, select the history item from the list.
  2. Double-click the Comment column.
  3. Enter your comment in the cell.

You can also annotate items as they appear in the Intercept tab. These automatically appear in the WebSockets history.

Was this article helpful?