Listen to this Post

BurpSuite’s built-in scanning engine is powerful but has limitations, such as:
1. Scanner requests not being saved to History
2. Difficulty combining with extensions like Collaborator Everywhere
3. Challenges in modifying requests during scans
A workaround is proxying scanner requests through a second BurpSuite instance:
Step-by-Step Implementation
1. Launch Two BurpSuite Instances
- First instance (Burp “Scanner”):
java -jar burpsuite_pro.jar &
- Second instance (Burp “Proxier”):
java -jar burpsuite_pro.jar &
2. Configure Scanner Instance
- Set Listening Proxy to `localhost:8080`
- Set Upstream Proxy to `localhost:9999`
3. Configure Proxier Instance
- Set Listening Proxy to `localhost:9999`
4. Initiate Scan
- Run the scan from the Scanner instance.
- All requests will forward to the Proxier instance and appear in Proxy History.
5. Enhancements
- Activate extensions (e.g., Collaborator Everywhere):
Extender > BApp Store > Install Collaborator Everywhere
- Modify requests dynamically via Proxy > Intercept.
You Should Know:
Essential BurpSuite Commands & Tricks
- Start BurpSuite Headless (Linux):
java -jar -Xmx4G burpsuite_pro.jar --use-defaults --config-file=my_config.json
- Automate with Python (Burp API):
from burp import IBurpExtender class BurpExtender(IBurpExtender): def registerExtenderCallbacks(self, callbacks): self._callbacks = callbacks self._helpers = callbacks.getHelpers() callbacks.setExtensionName("Custom Scanner") - Log Scanner Traffic (Bash):
tcpdump -i lo -w burp_traffic.pcap port 9999 or port 8080
- Modify Requests via Macros:
Project Options > Sessions > Macros > Add
Expected Output:
- Scanner requests stored in Proxy History.
- Enhanced scans via extensions.
- Real-time request manipulation.
What Undercode Say
Combining multiple BurpSuite instances unlocks advanced scanning flexibility. This method is particularly useful for:
– Bug Bounty Hunters needing historical request logs.
– Pentesters integrating custom extensions.
– DevSecOps automating dynamic scans.
For further reading:
Prediction
As web app attacks evolve, BurpSuite will likely integrate native dual-proxy support, reducing manual setup overhead. Meanwhile, this workaround remains a must-know for advanced testers.
Expected Output:
[+] Scanner requests logged in Proxy History [+] Collaborator Everywhere active [+] Real-time request modification enabled
IT/Security Reporter URL:
Reported By: Aaandrei %F0%9D%90%96%F0%9D%90%A1%F0%9D%90%A2%F0%9D%90%A5%F0%9D%90%9E – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


