API Documentation
View the full technical details for the latest Burp API, within the online Javadoc.
To view or save a copy of the interface code files for your version of Burp, go to Extender / APIs.
Note: Prior to v1.5.01, Burp exposed a much more restricted legacy API.
Sample extensions to get you started
Below are some examples of simple extensions, including examples using Java, Python and Ruby. You can also view the source code for all BApp Store extensions on our GitHub page.
Name | Description | Get File | |
---|---|---|---|
Hello world | Java Python Ruby | This is a very simple extension that prints some output to various locations within Burp. | Download |
Event listeners | Java Python Ruby | This extension registers listeners for various runtime events, and prints a message when each event occurs. | Download |
Traffic redirector | Java Python Ruby | This extension redirects all outbound requests from one host to another. | Download |
Custom logger | Java Python Ruby | This extension adds a new tab to Burp's user interface, and displays a log of HTTP traffic for all Burp tools, in the style of Burp's Proxy history. | Download |
Custom editor tab | Java Python Ruby | This extension adds a new tab to Burp's HTTP message editor, in order to handle an unsupported data serialization format. | Download |
Custom scan insertion points | Java Python Ruby | This extension provides custom attack insertion points for active scanning, allowing Burp's scanning engine to work with an unsupported data serialization format. | Download |
Custom scanner checks | Java Python Ruby | This extension implements custom checks to extend the capabilities of Burp's active and passive scanning engines. | Download |
Custom session tokens | Java Python Ruby | This extension demonstrates working with custom session tokens that Burp normally doesn't understand. | Download |
Intruder payloads | Java Python Ruby | This extension provides custom Intruder payloads and payload processing. | Download |