Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Configuring NTLM with Burp Suite

Burp's Platform Authentication settings let you configure Burp to automatically carry out platform authentication to destination web servers. Different authentication types and credentials can be configured for individual hosts.

Windows Challenge/Response (NTLM) is the authentication protocol used on networks that include systems running the Windows operating system and on stand-alone systems. In this article we'll demonstrate how to configure Burp Suite with an application using NTLM authentication.

NTLM credentials are based on data obtained during the interactive logon process and consist of a domain name, a user name, and a one-way hash of the user's password.

When an application is using NTLM authentication, you will need to configure Burp Suite to automatically carry out the authentication process.



You can configure these settings at User Options > Connections > Platform Authentication.

Use the Add function to configure new credentials.



Select the correct authentication type and add the appropriate credentials.



With the credentials configured correctly, Burp automatically carries out the NTML authentication, allowing access to the destination application web server.