tomsteele / burpbuddy

burpbuddy exposes Burp Suite's extender API over the network through various mediums, with the goal of enabling development in any language without the restrictions of the JVM.
MIT License
156 stars 25 forks

HTTP Request/Response hook enable disable button is misleading #33

Closed defreez closed 6 years ago

defreez commented 7 years ago

The combined HTTP request / response hook has a button with an enabled / disabled state. There are also individual request and response buttons and text fields. The enabled / disabled state for the hook that handles both requests and responses doesn't do anything.

When both the "HTTP Request Hook URLs" and "HTTP Response Hook URLs" buttons are disabled, burpbuddy will not forward requests and responses. This happens even if the "HTTP Request/Response Hook URLs" button is enabled.

The checks are here:

https://github.com/tomsteele/burpbuddy/blob/master/src/main/kotlin/burp/ProxyListener.kt#L24

https://github.com/tomsteele/burpbuddy/blob/master/src/main/kotlin/burp/ProxyListener.kt#L52

tomsteele commented 6 years ago

You are confused as to how these different hooks are implemented. I don't blame you; I haven't written any documentation.

The request/response hook is implemented using a fake scanner, if you enable passive scanning you should see it working. But it is separate from the proxy and is also separate from the request and response hooks.