Welcome to the official Bambda scripts repository from PortSwigger. This repo contains a collection of scripts developed by both PortSwigger and the community with 🧡

• Types of Bambda scripts
• Repository contents
• Importing scripts into Burp
• Updating scripts in your library
• Contributing your own scripts
• Resources

Bambdas are scripts that run in supported Burp tools. They enable you to quickly personalize Burp Suite by creating:

• Table filters – Dynamically filter tables in Burp.
• Table columns – Add custom table columns to surface important data.
• Repeater custom actions – Extract, transform, and analyze data in Burp Repeater.
• Match and replace rules – Replace parts of HTTP and WebSocket messages as they pass through the proxy.

💡 You can use table filter scripts in both Burp Suite Community Edition and Burp Suite Professional. All other scripts require Burp Suite Professional.

You can explore the repository by script type:

• HTTP history
• WebSockets history
• Site map
• Logger view filter

• HTTP history
• WebSockets history
• Logger

• Repeater custom actions
• Match and replace rules

To use scripts from this repository, import them into your Bambda library in Burp. Once imported, you can load your scripts across Burp and in different projects as required.

To import GitHub scripts into Burp:

1. Download scripts from this repo, or download the full repo as a ZIP file.
2. If using the ZIP file, extract its contents.
3. In Burp, go to Extensions > Bambda library.
4. Click Import. The Import scripts dialog opens.
5. Select the .bambda files or the extracted ZIP folder.
6. Click Open.

Burp adds the selected files to your Bambda library. If you select a folder, Burp automatically finds and includes any .bambda files within it and its subfolders.

⚠️ Warning: Scripts can run arbitrary code. For security reasons, please be cautious when importing and using scripts.

To keep your scripts up to date with the latest changes in this repository, simply re-import them. Burp prompts you to confirm whether to overwrite existing scripts.

For more detailed guidance, see Updating your scripts.

Thank you for contributing to the community 🧡 We love seeing your scripts!

Start with the step-by-step guide:
➡️ Submitting scripts to our GitHub repository

Check out the quick reference guide to refresh your memory on the process and guidelines:
➡️ Contributing quick reference guide

Please make sure you are familiar with and respect our Code of Conduct when making submissions.

• Bambdas documentation – Detailed information on all script types and where they can be used.
• Bambdas – A quick video introduction with examples of filter scripts.
• Bambda table filters – Video overview of table filter scripts.
• Bambda table customization – Video overview of creating custom table column scripts.
• Introducing Custom Actions – Video on using custom actions to customize Burp Repeater.
• Introducing the Bambda library – Video on storing and managing your scripts.

• Creating scripts documentation – Guidance on creating scripts in Burp, including reference material and examples.
• Bambda output console – Video on using the output console to test and debug your scripts.

• Finding that one weird endpoint, with Bambdas – Blog post by James Kettle, on using filter scripts during testing.
• Lab: Limit overrun race conditions – Web Security Academy lab that uses a custom action.