Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Configuring Burp Suite Mobile Assistant

Having installed Burp Suite Mobile Assistant on your device, the next step is to add your target application to the injected apps list. An app will be injected with a certificate pinning bypass if it matches at least one of the entries in the injected apps list.

 

A connection with the remote server will only be established if the server can prove its identity by means of a certificate that matches the app's expectations.

 

Burp Suite Mobile Assistant can be launched just like any other app on your device. Simply tap the app's icon to get started.

 

Tap the "Add injected app" button.

 

The add menu shows a list of user and system apps, which can be individually selected to be injected.

You can use the filter bar to search for a specific app.

Items can be added to injected apps list with a single tap on the specific app.

 

The item will then appear in the injected add list.

You can individually enable or disable entries in the injected apps list. Various checks are performed when an item is enabled, and items will be automatically disabled if an error occurs.

Note: Enabling an injection doesn't make it take effect immediately. Injection is performed at the time that an app is launched. Hence, an app will need to be restarted if it was already running when it was enabled in the injected apps list. If an app has been successfully injected, a dialog will appear when the app is launched.

 

Ensure the application is enabled.

 

When you reload the app you should see a pop up informing you that the injection has been successful.