Author: Sachhit Anasane
Version: 1.0
Date: December 2025
SAVER_LOGGER is a professionally engineered extension for Burp Suite that automatically logs all HTTP requests across tools like Proxy, Scanner, Repeater, Intruder, Collaborator, and Dashboard. It captures comprehensive request metadata including insertion points, request timing, status codes, and tool sourcesβthen exports structured CSV logs with complete audit trails.
- β Comprehensive Logging: Captures every HTTP request from all Burp tools
- β Complete Metadata: Host, method, URL, status code, tool source, insertion points, and timing
- β
Insertion Point Detection:
- Intruder: Counts
Β§payload markers - Scanner: Counts tested parameters
- Other tools: Identifies available parameters
- Intruder: Counts
- β Request Counting: Tracks how many times each URL has been accessed
- β Timing Analysis: Records start and end timestamps for each request
- β
Auto-backup on Exit: Crash-safe backup with timestamped filename (
SAVER_LOGGER_AUTOSAVE_DDMMYYYY_HHMMSS.csv) - β Periodic Auto-backup: Configurable interval (10-3600 seconds) to custom folder
- β Manual Export: User-triggered CSV export with file chooser dialog
- β
Manual Backup: Instant timestamped backup (
SAVER_LOGGER_BACKUP_DDMMYYYY_HHMMSS.csv) - β Single File Approach: Periodic backups overwrite same file to prevent fragmentation
- β UTF-8 Encoding: Full international character support
- β CSV Sanitization: Automatic handling of commas, newlines, and special characters
- β Footer Metadata: Burp version, export timestamp, and unique runtime ID
- β Session Tracking: Unique session identifier for audit trails
- β Dashboard Tab: Quick access to export, backup, and clear functions
- β Settings Tab: Configure backup folder, interval, and enable/disable auto-backup
- β Status Area: Real-time logging of all operations with timestamps
- β Confirmation Dialogs: User-friendly feedback for all actions
- Download Jython standalone JAR (v2.7.3 or later):
https://www.jython.org/download.html
- Open Burp Suite
- Navigate to: Extensions > Extension Settings > Python Environment
- Set location of Jython standalone JAR file
- Go to: Extensions > Installed > Add
- Extension type: Python
- Extension file: Select
saver_logger.py - Click Next
- Verify "SAVER_LOGGER" appears in the Extensions list
- A new tab labeled SAVER_LOGGER should appear in Burp Suite
- Check the Dashboard for session information
- Review Settings to configure backup preferences
- Automatic Logging: All HTTP traffic is logged automatically once the extension is loaded
- Access Dashboard: Click the SAVER_LOGGER tab to view controls and info
- Configure Settings: Navigate to the Settings tab to customize backup behavior
- Opens file chooser dialog
- Allows custom filename and location
- Default name:
SAVER_LOGGER_Export_YYYYMMDD_HHMMSS.csv - Exports all logged requests with complete metadata
- Creates instant timestamped backup
- Saves to configured backup folder
- Filename:
SAVER_LOGGER_BACKUP_DDMMYYYY_HHMMSS.csv - Shows confirmation with file path
- Removes all logged requests from memory
- Requires user confirmation
- Does not delete previously exported files
- Enable/Disable: Toggle automatic periodic backups
- Backup Interval: Set time between auto-backups (10-3600 seconds)
- Backup Folder: Choose custom directory for backups
- Default Location: Desktop
- Periodic Backup: Overwrites
SAVER_LOGGER_AUTOSAVE.csvat configured interval - Exit Backup: Creates timestamped file on Burp close/crash
- Single File: Prevents file proliferation during normal operation
| Backup Type | Filename Pattern | Example |
|---|---|---|
| Periodic Auto-backup | SAVER_LOGGER_AUTOSAVE.csv |
SAVER_LOGGER_AUTOSAVE.csv |
| Exit/Crash Backup | SAVER_LOGGER_AUTOSAVE_DDMMYYYY_HHMMSS.csv |
SAVER_LOGGER_AUTOSAVE_24122025_143052.csv |
| Manual Backup | SAVER_LOGGER_BACKUP_DDMMYYYY_HHMMSS.csv |
SAVER_LOGGER_BACKUP_24122025_143052.csv |
| Manual Export | SAVER_LOGGER_Export_YYYYMMDD_HHMMSS.csv |
SAVER_LOGGER_Export_20251224_143052.csv |
All exported CSV files contain the following 10 columns:
| Column | Description |
|---|---|
| Serial No | Sequential request identifier (1, 2, 3...) |
| Host | Target hostname or IP address |
| Request Method | HTTP method (GET, POST, PUT, DELETE, etc.) |
| URL | Complete request URL including query parameters |
| Status Code | HTTP response status code (200, 404, 500, etc.) |
| Tool Name | Burp tool that generated the request (Proxy, Scanner, Repeater, Intruder) |
| Request Count | Number of times this specific URL has been requested |
| Insertion Point Count | Number of insertion points/parameters detected |
| Start Time | Request initiation timestamp (YYYY-MM-DD HH:MM:SS) |
| End Time | Response received timestamp (YYYY-MM-DD HH:MM:SS) |
| Tool | Detection Method |
|---|---|
| Intruder | Counts Β§ payload markers (divided by 2) |
| Scanner | Counts all HTTP parameters being tested |
| Other Tools | Counts available parameters in request |
Every CSV file includes:
# Generated By: SAVER_LOGGER
# Session ID: 20251224143052
# Export Time: 2025-12-24 14:30:52
# Total Requests: 1547
Every CSV file concludes with:
# --- FOOTER METADATA ---
# Burp Suite Version: Burp Suite Professional 2024.x.x
# Exported: 2025-12-24 14:30:52
# Runtime ID: 20251224143052
# Total Requests Logged: 1547
# Generated By: SAVER_LOGGER
# Session ID: 20251224143052
# Export Time: 2025-12-24 14:30:52
# Total Requests: 3
Serial No,Host,Request Method,URL,Status Code,Tool Name,Request Count,Insertion Point Count,Start Time,End Time
1,example.com,GET,https://example.com/api/users,200,Proxy,1,0,2025-12-24 14:25:10,2025-12-24 14:25:11
2,example.com,POST,https://example.com/api/login,200,Repeater,1,2,2025-12-24 14:26:15,2025-12-24 14:26:16
3,example.com,GET,https://example.com/api/data?id=§1§&type=§test§,200,Intruder,1,2,2025-12-24 14:28:20,2025-12-24 14:28:21
# --- FOOTER METADATA ---
# Burp Suite Version: Burp Suite Professional 2024.9.2
# Exported: 2025-12-24 14:30:52
# Runtime ID: 20251224143052
# Total Requests Logged: 3- Language: Jython (Python for Java)
- Burp API: IBurpExtender, IHttpListener, IScannerListener, IExtensionStateListener, ITab
- Encoding: UTF-8 for international character support
- Threading: Timer-based background scheduler for auto-backups
- Automatic cleanup of request tracking data after processing
- Efficient storage of only essential metadata
- No memory leaks during long-running sessions
extensionUnloaded()callback ensures data is saved on:- Manual Burp Suite closure
- Burp Suite crashes
- Extension unload/reload
- System shutdowns
- Commas replaced with semicolons in data fields
- Newline and carriage return characters removed
- Special characters properly escaped
- Track all requests during penetration testing
- Maintain audit trail of testing activities
- Document insertion points for vulnerability research
- Analyze request patterns and timing
- Generate comprehensive test reports
- Export data for compliance documentation
- Create audit logs for security assessments
- Track tool usage and coverage
- Measure request/response timing
- Identify slow endpoints
- Analyze request frequency per URL
- Monitor testing efficiency
- Share structured test data with team members
- Import into analysis tools (Excel, Python, R)
- Create reproducible testing workflows
- Document findings with complete context
- Regular Exports: Periodically export data during long testing sessions
- Backup Configuration: Set auto-backup to 300-600 seconds for balanced performance
- Disk Space: Monitor available space when logging heavy traffic
- Clear Logs: Clear logs after exporting to manage memory usage
- Naming Convention: Use descriptive names when manually exporting for specific tests
- β All data stored locally on your machine
- β No external network connections
- β No telemetry or analytics
- β No data uploaded to external servers
- β Full control over exported files
Happy Testing! ππ