Wielding Burp Suite
quick-start your Jython extensions and automation

Guides and resources for Burp Suite users to quickly learn about Burp's Extender API as well as its built-in automation features.

Details

Quick-start your Jython extensions and automation using the resources contained in this page.

  • Start with this quick presentation, then look at the resources below:

Resources

Guides

  1. Set up Burp Suite to use Jython
    • Download the latest Jython release from jython.org.
    • Make sure to get the Standalone Jar, not the installer!

    • Open Burp Suite, go to Extender > Options and point Burp to your Jython file:
    • If your extension imports non-standard Python modules/files, use that optional field to point Burp to the directory which holds those modules/files. You can then perform Python imports from that directory; for example, when your extension is actually comprised of many .py files.

  2. Set up the Extender API on Intellij IDEA
    • Download the latest Jython release from jython.org.
    • Make sure to get the Installer, not the standalone jar!

    • Watch the following 3-minute video (turn captions on and enjoy the random music):
    • Here's a shot of the IDE at work:
  3. Give Burp Suite more memory
    • To give Burp Suite more memory, open a command prompt and execute the following:
    • "[Java executable location]" -jar -Xmx1G -XX:MaxPermSize=1G "[Burp Suite .jar location]"

      E.g.: "C:\Program Files\Java\jre1.8.0_45\bin\java.exe" -jar -Xmx1G -XX:MaxPermSize=1G "C:\BurpSuite\burpsuite_pro_v1.6.19.jar"

      >>Note that Permanent Generation has been deprecated on Java 8. If you include the MaxPermSize option, it will simply be ignored.