Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Intercept for websockets should be able to honour the scope

    For client requests you can set it so that it only intercepts when the URL is in scope but for websockets it is either on or off. I've got all traffic going through Burp but only intercepting for my test sites but occasionally Firefox makes a websocket call out and that gets blocked by the interceptor. It would be nice to have the ability to tell the web socket interceptor to honour the...

    1 Agent Answer    1 Community Answer
    Dec 06, 2017 11:52AM UTC
  • Content Discovery Queued Tasks

    Hi, Could the queued tasks in the Discovery Session have the same functionality as the Scanner Scan Queue? This would allow the user to cancel individual discovery tasks to lower bandwidth/time, or to prioritise particular areas ahead of others. For example - during a recent long-running discovery scan, I was monitoring it and noticed a particular directory was flagged and added to the queue...

    1 Agent Answer    0 Community Answer
    Dec 01, 2017 08:15AM UTC
  • Feature Request

    Hi, Add option to split view request and response (side by side) in HTTP Proxy History (same as repeater view) Thanks!

    1 Agent Answer    0 Community Answer
    Nov 30, 2017 05:40AM UTC
  • Notification alert in Burp when scans go out od session

    This is regarding the session handling feature in Burp for web-applications. I was trying Burp scans for one of my applications and found that the session had timed-out and I got 302 redirection responses which redirects to login page. I referred the link: https://support.portswigger.net/customer/en/portal/articles/2363088-configuring-burp-s-session-handling-rules to configure the session handler ...

    1 Agent Answer    0 Community Answer
    Nov 29, 2017 06:16AM UTC
  • Getting the time when a request was made

    Let me put this straight. I have configured burpsuite proxy and everything correctly. How do I find the exact time and date a request was made? For example when I go to www.google.com, I want burpsuite to show me exactly when the request was made (Date&Time). Is there a burp feature for this? Or is it not possible? I am normally browsing all the data in the target tab. It would be ...

    1 Agent Answer    0 Community Answer
    Nov 10, 2017 05:39PM UTC
  • Custom Macro Parameter in URL Definition

    Hi Portswigger Team, I've noticed that more and more websites use a one-time login page. The landing page defines a one-time valid login request. Since the one-time value is in the URL itself and is no GET parameter (I know that you can add custom GET parameters), it can't be set as parameter in a macro definition (to deal with anti CSRF tokens). Example for such a login request w...

    1 Agent Answer    0 Community Answer
    Oct 20, 2017 09:07AM UTC
  • Load saved project from within Burp

    Hello, It would be nice to have the ability to load a saved project without having to exit Burp and restart it. Are there any plans for implementing such functionality? Thanks, Anthony

    1 Agent Answer    0 Community Answer
    Oct 16, 2017 05:25AM UTC
  • My letter to Santa Burp Team 2017 (Extender API enhancements)

    Dear Santa Burp Team, My name is Luca and I am 37 years old. I have been a very good boy this year, and I would like the following Extender API enhancements: 1) Extend the support of IExtensionHelpers addParameter/removeParameter/updateParameter to PARAM_JSON, PARAM_XML and PARAM_XML_ATTR, PARAM_MULTIPART_ATTR 2) Today, it's possible to add Burp Scan items via (A) doActiveScan/doPass...

    1 Agent Answer    1 Community Answer
    Oct 10, 2017 11:08PM UTC
  • API extensions

    Hi, I wrote an extension some time ago, but abandoned it due to missing API functionality. In particular, I needed the following: Ways to save extension state along with the rest of the saved state. While I could ask users to save it to a separate file, and load it again later, that seems likely to result in corruption and inconsistent state. Ways to obtain a listing (and contents) of ALL...

    1 Agent Answer    0 Community Answer
    Oct 06, 2017 01:34PM UTC
  • JWT Support

    Does burp support session management JWT tokens using Authorization Bearer header? If yes, could anyone provide an explanation?

    1 Agent Answer    0 Community Answer
    Sep 29, 2017 01:40PM UTC