Viewing requests sent by Burp extensions using Logger
Last updated: August 25, 2022
Read time: 3 Minutes
Extensions enable you to add new capabilities to Burp Suite's tools, or enhance existing ones. Many extensions modify requests that you've sent, or even generate their own. You may find it useful to study these requests, especially when trying to understand how an extension works or troubleshoot unexpected behavior.
From the 2022.5 release, Burp Suite requires Java 11 or later to run. This change should not impact you unless you run Burp Suite as a JAR file. However, any extensions written in a version of Java earlier than 11 may not run correctly from Burp Suite 2022.5 onward.
The Proxy > HTTP history tab only logs requests sent from the browser that were proxied via Burp. In this tutorial, you'll learn how to use the Logger tab to record requests from all of Burp's tools and any extensions that you have installed.
Step 1: Send requests using an extension
You first need to generate some traffic to view.
Use an extension on a website that you have permission to test. We'll use
https://portswigger-labs.net/, a deliberately vulnerable test domain, which you're also welcome to use.
For demonstration purposes, we have run a scan using the ActiveScan++ extension, but the Logger tab records traffic from all tools in Burp Suite, so you could use extensions for manual tools as well.
Step 2: Go to the Logger tab
By default, as you use any of Burp's tools, the Logger tab is populated in real-time, just like the Proxy > HTTP history tab.
The Columns menu allows you to show or hide various columns, which you can use to sort the requests.
Tasks on the dashboard, such as scans and Intruder attacks, also have their own task-specific Logger tab. You can view this by clicking View details on the tasks panel in the dashboard.
Step 3: Filter the Logger tab
You can filter the requests that are displayed by clicking the View filter bar.
Alternatively, you can apply a Capture filter to control which kinds of requests are logged in the first place.
From the Tool column, you can see which tool sent each request.
If an extension generated the request from scratch, it is listed under Extender. However, note that any requests that are simply modified by an extension are listed under the original tool that made the request.
In our example, the extension both modifies existing requests and generates its own. Therefore, to view all requests sent by the extension you need to make sure that both the Scanner and Extender tools are shown.
Step 4: Viewing individual requests
Clicking on a specific request opens the message editor, which shows the request and the response sent back by the server, just like the Proxy > HTTP history tab.
To the right of the window, the Inspector panel highlights potentially interesting features of the message.
You can also right-click on requests and perform a range of actions like sending them to other tools, highlighting or commenting on them, and more.
In this tutorial, you have learned how to better understand the behavior of an extension by using the Logger tab to see those requests in detail.
Was this article helpful?
An error occurred, please try again.