Trigger actions and reshape HTTP request and response traffic using configurable rules

Rules

Rules allow you to set actions to perform (called Thens) if messages/connections (event) received by Burp Suite meet certain criteria (called Whens). Rules are processed in order.

Whens

• Content Type - If the HTTP request body is reported to match specified content types
• Event Direction - If the HTTP message is a Request or Response, or if the WebSocket message is directed toward the client or server
• From Tool - If the HTTP/WebSocket message is from a specific Burp tool
• Has Entity - If the HTTP/WebSocket event contains a certain message value entity
• In Scope - If the URL is in the suite-wide scope
• Matches Text - If a value (text, variable, or HTTP/WebSocket message value entity) matches a value
• Message Type - If the WebSocket message is text or binary
• MIME Type - If the HTTP response body is reported to match specified MIME types
• Proxy Name - If received by a certain Burp proxy listener
• Repeat - Repeat a group of When constraints for each item in a list

Thens

• Break - Stop Rules or then action processing
• Build HTTP Message - Build an HTTP request or response message and store the full text in a variable
• Comment - Add a comment to the line item in the HTTP/WebSocket history
• Delay - Delay further processing/sending of the HTTP/WebSocket event
• Delete Value - Remove an HTTP message entity
• Delete Variable - Delete a variable
• Drop - Have Burp drop the connection
• Evaluate - Perform operations on values
• Highlight - Highlight the line item in the HTTP/WebSocket history
• Intercept - Intercept the message in the Proxy interceptor
• Log - Log message to the Burp extension console
• Parse HTTP Message - Extract values from an HTTP request or response message and store the values in variable
• Prompt - Get text via a prompt dialog
• Read File - Read a file
• Repeat - Repeat a group of Then actions by count, boolean value, or for each item in a list
• Run Process - Execute a command in a separate process
• Run Rules - Run a specific Rule or all auto-run Rules
• Run Script - Execute a JavaScript script
• Save File - Save text to a file
• Set Encoding - Set the encoding used to read and write bytes of the HTTP request or response body, or WebSocket message
• Set Event Direction - Change whether to send a request or to send a response at the end of processing
• Set Value - Set the value of an HTTP/WebSocket event using another value (text, variable, or HTTP/WebSocket event entity)
• Set Variable - Set a variable using another value (text, variable, or HTTP/WebSocket event entity)
• Send Message - Send a separate WebSocket message
• Send Request - Send a separate HTTP request
• Send To - Send data to other Burp tools or the system's default browser

Variables

Share values across different rules while processing the same event or all events