Manage Burp Suite Display Settings with DisplaySwitcher
By Karl Schuttler | May XX, 2024 | Application Security, Tools
Burp Suite has a ton of display configuration options to allow users to tailor the tool to their own needs, like font style and size, light and dark mode, and use of custom character sets. However, Burp only allows users to manage the current, active settings without any ability to save or restore them easily. Managing a setting like font size requires six mouse clicks and two scrolls, navigating options that are split between three different sub-menus.
Web application testing requires manipulation of numerous windows, necessitating multi-monitor setups that could have widely varying resolutions. Moving between resolutions can make Burp’s fonts become so small that they cause eye strain, or so large that it’s impossible to see the whole HTTP header at once. Burp’s Scaling settings, which automatically resize display elements, are known to have their own set of weird problems that can make Burp impossible to use.
White Oak Security is proud to release the DisplaySwitcher extension for Burp Suite, which allows users to configure and manage multiple Display Configuration Profiles, switch between those profiles from context menus anywhere within the application, and automatically switch profiles based on the current monitor in use.
Step 1: Configure a Display Profile
DisplaySwitcher uses the current active display settings to define its profiles. After you have used Burp’s standard Settings menu to configure the display settings to your preferences, give your Display Settings Profile a name and click the “ADD” button to save it. DisplaySwitcher uses Burp’s persistence API to maintain your profiles across Burp projects.
Step 2: Switch Between Display Profiles Using the Context Menu
Once you add a Display Settings Profile, it is immediately available within the Extension context menu, so you can switch between profiles without needing to dive through the Burp Settings dialog.
The default display settings are always available within this context menu without needing to add them as an individual Display Settings Profile. Without this option, users would need to revert all User Settings to return to default - nuking any other important configurations that were made (e.g., Automatic Backup settings).
Step 3: Define Monitor Configurations
For advanced use, users may add Monitor Configurations to enable automatic Display Settings Profile switching when Burp is moved between monitors. After moving Burp to a new monitor, input a name for your new configuration and select “ADD” to save it. DisplaySwitcher detects the resolution of the current monitor in use and associates it with the configuration name provided. The “DETECT” button provides feedback to the user about their current display’s geometry before saving the Monitor Configuration, but is not a prerequisite.
Step 4: Pair Monitor Configurations to Display Profiles
Monitor Configurations can then be paired to a Display Settings Profile. After highlighting a Monitor Configuration, simply double-click the desired Display Settings Profile to pair them. Selecting a Monitor Configuration will then automatically highlight the paired Display Settings Profile within the list.
Step 5: Use the DisplaySwitcher Tab to Automatically Apply Settings
Once configured, selecting the DisplaySwitcher extension tab will cause Burp to apply the Display Settings Profile paired with the current monitor in use. Users can quickly raise the tab to switch settings, avoiding all menus.
Step 6: Hack the Planet
Now that you can actually read what’s going on, you’re ready to get down to business finding vulnerabilities, like the Session Timeout Vulnerabilities detailed in our previous post.
The DisplaySwitcher plugin is now available within our GitHub Repository, and in the BApp Store!
More From White Oak Security
White Oak Security is a highly skilled and knowledgeable cyber security testing company that works hard to get into the minds of opponents to help protect those we serve from malicious threats through expertise, integrity, and passion.
Read more from White Oak Security’s pentesting team.