Research Academy
My account Customers About Blog Careers Legal Contact Resellers

ProfessionalCommunity Edition

Bambdas

  • Last updated: March 1, 2024

  • Read time: 2 Minutes

Bambdas enable you to run Java-based code to customize Burp Suite directly from the UI.

Warning

Bambdas can run arbitrary code. For security reasons, please be cautious when using Bambdas from unverified sources.

Creating Bambdas

You can currently create Bambdas for the following features:

  • Proxy HTTP history filter
  • Proxy WebSockets history filter
  • Logger view filter
  • Logger capture filter

The Montoya API makes various objects available to help you write your Bambdas.

Related pages

To learn what a Bambda is and see a couple of examples, watch the Burp Suite Shorts | Bambdas video on YouTube.

For feature-specific instructions on how to create Bambdas, see the following pages:

Warning

Using slow running or resource-intensive Bambdas can slow down Burp. Write your Bambda carefully to minimize performance implications.

Saving Bambdas

You can save Bambdas as a JSON file. This makes it easy for you to migrate your configuration to other projects.

To save a Bambda:

  1. In a feature that enables Bambdas, go to the Bambda mode tab.
  2. Click settings .
  3. Click Save settings.

Your Bambda downloads as a JSON file.

Sharing Bambdas

You can share your Bambdas and download new ones via the Bambdas repository on GitHub. This includes example code created by PortSwigger, as well as Bambdas developed by the Burp Suite community.

Bambdas in the GitHub repository are written and maintained by third-party Burp users. We review them for security and quality before we make them available. However, PortSwigger makes no warranty about their quality or usefulness for any particular purpose.

Loading Bambdas

You can load a saved Bambda into other projects.

To load a Bambda:

  1. In a feature that enables Bambdas, go to the Bambda mode tab.
  2. Click settings .
  3. Click Load settings, then select your Bambda JSON file via the system dialogue.
  4. Click Apply.

Your Bambda is now loaded in Burp.

Note

Bambdas are only compatible with the tool that they were exported from. For example, a Bambda created for filtering the HTTP history cannot be loaded in a different Burp tool.

Troubleshooting Bambdas

There are two types of error you may encounter when working with Bambdas: compilation and runtime.

Compilation errors

Burp highlights compilation errors in real time by underlining them in red in the Bambda mode editor. You must resolve any compilation errors before Burp can apply your Bambda.

To display details of the error, hover over the red underline. If you click Apply while your Bambda contains compilation errors, the error details are shown in the Compilation errors tab.

Runtime errors

Runtime errors can occur after a Bambda has been applied. If Burp detects any runtime errors, a warning appears on the filter bar. Click on the filter bar to view the error details, and make changes to the code.

Was this article helpful?