Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • silent install

    Is there anyway to perform a silent install of your software?

    0 Community Answer
    Sep 22, 2017 09:36PM UTC
  • Help reading reports better to verify issue with manual scanning

    After I finished scanning a website, I use the Burp suite reporting tool and save the file with a html file ext. When I going over the reports and someone asked me to verify that issue. The issue is part of filename multipart parameter attribute. I am having trouble putting the exact weblink to test like SQL or XSS issue that is listed as severity high confidence firm in the request part of...

    0 Community Answer
    Sep 22, 2017 06:21PM UTC
  • Make SSL work with Chrome (yes, I read the installation procs)

    After banging my head for half an hour, I think Burp Suite's Certificate is out of date in regards to Google Chrome. I'm using Mac, the certificate's been correctly installed for a long time in my KeyChain (used to work fine in Chrome). Now it's not, so I reinstalled everything except Chrome, generated new CA etc. The whole thing. Still not working, classical NET::ERR_CERT_C...

    1 Agent Answer    0 Community Answer
    Sep 17, 2017 09:43PM UTC
  • Cross-Site Scripting (Stored) Issue Inconsistency

    Hello, I ran a scan of an application and a Cross-Site Scripting (Stored) issue was reported at an Informational level. One of the parameters of the PUT request accepted a payload of j5kts<script>alert(1)</script>jveob, which was then returned in a subsequent GET request. After not changing anything about the application or the scanning options, I ran the scan of that endpoint (b...

    1 Agent Answer    0 Community Answer
    Sep 14, 2017 02:07PM UTC
  • Communication to

    Burp communicates with the IP How can I disable this?

    2 Agent Answers    1 Community Answer
    Sep 12, 2017 06:56AM UTC
  • Forward Request to Burp Suite

    How to forward request to Burp Suite from browser, if browser proxy settings are disabled due to Group Policy. There is no Connection tab in the IE to set proxy. Please help.

    2 Agent Answers    1 Community Answer
    Sep 12, 2017 03:26AM UTC
  • How should I config if i need parse https data?

    I use Mac + Burpsuite + chrome (v61.0) + SwitchyOmega , and I had tried almost all tutorials to setup CA and it doesn't work. I followed this steps: 1. I access and download the cacert.der CA file. 2. I double click this file and it jumps to mac system 'key string access'. 3. I use file -> import project to import this CA file and modify the attribute to '...

    1 Agent Answer    0 Community Answer
    Sep 09, 2017 02:52AM UTC
  • Macro+soap service

    Hello, I have to test a soap service. Specifically a function that deletes a token. For the deletion to be successful I need to use the function to create it. So i created a macro that runs the creation and I have set the custom position of the token. However I cannot use this token to the deletion function that I want to test. This fails probably because the parameter is not "normal" - ...

    1 Agent Answer    1 Community Answer
    Sep 07, 2017 11:16PM UTC
  • Configure Cluster bomb

    Let's say I use a cluster bomb attack with the repeater on this request (a quiz in which you can pass by checking the 3 corrects answers: &answer1=§0§&answer2=§0§&answer3=§0§&answer4=§0§&answer5=§0§&answer6=§0§&good_answers=3 For my payload type, I use a simple list with two string... 0( answer not chosen) and 1(answer choosen) This give me a total of 64 ...

    2 Agent Answers    3 Community Answers
    Sep 07, 2017 05:03AM UTC
  • Private Burp Collaborator Daemon Stop/Start

    Hi there, I just moved the newest burpsuite pro jar to my existing, private collaborator server, but I'm having some trouble with the daemon which I'd like to stop & start to apply the newest jar. I've issued a stop to it (sudo /etc/init.d/burp-collaborator stop) but the process continues and clearly is not stopping. Any ideas on the best way apply the latest jar given these c...

    1 Agent Answer    0 Community Answer
    Sep 05, 2017 02:46PM UTC