PROFESSIONALCOMMUNITY

Viewing requests sent by Burp extensions using Logger

  • Last updated: May 17, 2022

  • Read time: 2 Minutes

Extensions enable you to add new capabilities to Burp Suite's tools, or enhance existing ones. Many extensions modify requests that you've sent, or even generate their own. You may find it useful to study these requests, especially when trying to understand how an extension works or troubleshoot unexpected behavior.

The Proxy > HTTP history tab only logs requests sent from the browser that were proxied via Burp. In this tutorial, you'll learn how to use the Logger tab to record requests from all of Burp's tools and any extensions that you have installed.

Step 1: Send requests using an extension

You first need to generate some traffic to view.

Use an extension on a website that you have permission to test. We'll use https://portswigger-labs.net/, a deliberately vulnerable test domain, which you're also welcome to use.

For demonstration purposes, we have run a scan using the ActiveScan++ extension, but the Logger tab records traffic from all tools in Burp Suite, so you could use extensions for manual tools as well.

Step 2: Go to the Logger tab

By default, as you use any of Burp's tools, the Logger tab is populated in real-time, just like the Proxy > HTTP history tab.

The Logger tab populating with requests

The Columns menu allows you to show or hide various columns, which you can use to sort the requests.

Note

Tasks on the dashboard, such as scans and Intruder attacks, also have their own task-specific Logger tab. You can view this by clicking View details on the tasks panel in the dashboard.

Task specific logger tabs

Step 3: Filter the Logger tab

You can filter the requests that are displayed by clicking the View filter bar.

Filtering the Logger tab by tool

Alternatively, you can apply a Capture filter to control which kinds of requests are logged in the first place.

From the Tool column, you can see which tool sent each request.

Note

If an extension generated the request from scratch, it is listed under Extender. However, note that any requests that are simply modified by an extension are listed under the original tool that made the request.

In our example, the extension both modifies existing requests and generates its own. Therefore, to view all requests sent by the extension you need to make sure that both the Scanner and Extender tools are shown.

The tools column

Step 4: Viewing individual requests

Clicking on a specific request opens the message editor, which shows the request and the response sent back by the server, just like the Proxy > HTTP history tab.

To the right of the window, the Inspector panel highlights potentially interesting features of the message.

You can also right-click on requests and perform a range of actions like sending them to other tools, highlighting or commenting on them, and more.

Summary

In this tutorial, you have learned how to better understand the behavior of an extension by using the Logger tab to see those requests in detail.