Open irsdl opened 1 year ago
I should also add their exact wording here to show another solution:
you shouldn't use statics. If you do they should be set to null on the unload of the extension.
This is news to me! Static variables are unloaded when the class, and the class loader which spawned it, are garbage collected.
Personally I see this as a bug in burp. They should be loading extensions with a new classloader not the main one used by burp.
This might potentially be why burp is such a memory hog! If they switched to using a new class loader per extension then all the extension memory would be GC’ed when the user unloaded it.
I was told this by PortSwigger's dev team: While the use of static methods is acceptable, it is crucial to avoid employing static variables in Burp extensions under all circumstances. (I used ChatGPT to rephrase it for me so it will look cool and professional!!)
Here is an example:
I haven't used a profiler yet, but here is a list if you want to try it yourself: https://www.baeldung.com/java-profilers PortSwigger team uses https://visualvm.github.io/