RhinoSecurityLabs / IPRotate_Burp_Extension

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Source IP logging? #6

Closed m3Ik0r closed 3 years ago

m3Ik0r commented 5 years ago

Is it possible you can integrate a feature that would allow logging of all the source IP addresses used? As far as I can see this isn't possible on Burp via logger++.

YuraSrohiy commented 3 years ago

This

I have IP Rotate working, and if I'm testing it on https://whatismyipaddress.com/ it changes, but when I'm trying to do it with other hosts to bypass the rate limit (where I can't check source) it still rate limits me.

I'm doing requests from an external browser through my own Chrome extension. All requests are shown in Proxy HTTP history but they are still rate limited.

How can I check if IP Rotator is working properly?

DaveYesland commented 3 years ago

If it is showing the IPs are being rotated then they likely are for your target too; there could be other ways they are enforcing rate limiting. You may need to modify the X-Forwarded-For header which API Gateway inserts, as this still contains your source IP. Take a look here: https://github.com/RhinoSecurityLabs/IPRotate_Burp_Extension/pull/21

For now I am closing this because as far as I know there is no way to obtain the source IP from each request. You may be able to look this info up in AWS logs based on the API Gateway IDs.
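
The X-Forwarded-For point above, seen from the server side, as an added example that is not from the thread or the extension's code: when the gateway-inserted header still carries the original source address, requests arriving from many different peer addresses share one leftmost X-Forwarded-For value. The log records, function names and the `min_peers` threshold are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records: (peer address seen by the server,
# X-Forwarded-For header as received). Addresses are documentation ranges.
SAMPLE_LOG = [
    ("198.51.100.10", "203.0.113.7"),
    ("198.51.100.24", "203.0.113.7"),
    ("198.51.100.31", "203.0.113.7"),
    ("198.51.100.45", "203.0.113.7"),
    ("192.0.2.50", ""),                # direct client, no header
    ("192.0.2.60", "203.0.113.99"),    # one stable proxy in front of a client
    ("192.0.2.60", "203.0.113.99"),
]


def leftmost_client(xff):
    """Return the first address in an X-Forwarded-For list, or None if empty."""
    if not xff:
        return None
    first = xff.split(",")[0].strip()
    return first or None


def rotating_clients(records, min_peers=3):
    """Map each X-Forwarded-For client to the distinct peers it arrived through.

    Only clients seen behind at least `min_peers` different peer addresses are
    returned. The header is supplied by the sender's side of the connection,
    so treat a hit as a correlation signal, not as a verified identity.
    """
    peers_by_client = defaultdict(set)
    for peer, xff in records:
        client = leftmost_client(xff)
        if client and client != peer:
            peers_by_client[client].add(peer)
    return {
        client: sorted(peers)
        for client, peers in peers_by_client.items()
        if len(peers) >= min_peers
    }


if __name__ == "__main__":
    for client, peers in rotating_clients(SAMPLE_LOG).items():
        print(f"{client} seen via {len(peers)} peers: {', '.join(peers)}")
```
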