AutoRepeater is a Burp Suite extension that automates duplicating, modifying, and resending HTTP requests to streamline web application authorization testing.
Automated HTTP Request Repeating With Burp Suite
Security researchers and penetration testers use AutoRepeater to efficiently test for authorization vulnerabilities by automating the repetitive process of modifying and resending HTTP requests within Burp Suite. It helps identify issues like unauthorized access by quickly applying conditional replacements across requests without manual intervention.
Avoid activating AutoRepeater until ready to browse to prevent unintended request resends. Ensure Burp Suite's cookie jar is not used by Extender to avoid interference. Verify replacements early to confirm correct behavior. Tabs and configurations persist after restart, but request/response data does not.
Within Burp Suite, go to the Extender tab
Import the AutoRepeater.jar file as an extensionWithin extender import AutoRepeater.jar
Loads the AutoRepeater extension into Burp Suite
Configure base replacements and conditional replacements in AutoRepeater tabs
Sets rules for how requests are automatically modified and resent
Use "Send to AutoRepeater" option from other Burp Suite tools
Sends selected requests directly to AutoRepeater for automated processing
Remove Header By Name under Base Replacements
Example rule to test unauthenticated user access by removing authentication headers