ENTERPRISE

Adding extensions to Burp Suite Enterprise Edition

  • Last updated: May 17, 2022

  • Read time: 2 Minutes

You add all extensions to Burp Suite Enterprise Edition from the extension library.

Prerequisite permissions for adding extensions

Only users with the Manage extensions permission can add extensions to the library. Initially, this is only assigned to the built-in Administrator role.

Warning

Be careful when granting this permission to additional users. During a scan, extensions run on your scanning machine with the permissions of the burpsuite OS user. Therefore, there is a potential security risk if someone inadvertently uploads a fake extension created by a malicious third party.

Adding a BApp to Burp Suite Enterprise Edition

To add a BApp:

  1. Download the BApp from the BApp Store. Make sure that it is compatible with Burp Suite Enterprise Edition - you can filter the store to make this easier.

  2. Log in to Burp Suite Enterprise Edition as a user with permission to manage extensions.

  3. From the settings menu, select Extensions to open the extension library.

  4. On the BApp extensions tab, click Upload BApp.

  5. Select the .bapp file that you downloaded from the BApp Store.

  6. The extension is added to your library. Your users can now apply the extension to specific sites so that it can be used during scans.

Adding a custom extension to Burp Suite Enterprise Edition

To add a custom extension:

  1. Log in to Burp Suite Enterprise Edition as a user with permission to manage extensions.

  2. From the settings menu, select Extensions to open the extension library.

  3. On the Custom extensions tab, click Upload extension.

  4. Select the JAR file for the extension.

  5. Enter a name and description for the extension, then click Add.

  6. The extension is added to your library. Your users can now apply the extension to specific sites so that it can be used during scans.