Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Burp Spider deleted controls in a SalesForce application

    Hi - We recently spidered a Salesforce application and this resulted to changes in the application such as: Deleted custom field Changed the UI Skin Changed Enable Drag-and-Drop Editing on Calendar Views from on to off Changed formula of Month custom field etc The Automatically Submit forms was enabled. Why would burp spider be able to do these things. What default values does...

    1 Agent Answer    0 Community Answer
    May 18, 2018 02:27AM UTC
  • Automate Burp License Activation

    We are working on a project, where we wanted to deploy Burp on a container in a ci/cd. Is there a way to automate the Burp License Activation process programmatically eitherway in a headless mode ? Has anyone given it a try earlier? Pranav

    1 Agent Answer    0 Community Answer
    May 14, 2018 10:19PM UTC
  • certificate_unknown

    I have an iOS app I'm testing on an iPhone 5c running iOS 10.3.3. The Burp certificate is correctly installed on the device as I'm able to see https web requests and https app requests from other applications within Burp without issue. When I launch the target app I receive "The client failed to negotiate an SSL connection to <client>.com:443: Received fatal alert: certi...

    1 Agent Answer    0 Community Answer
    May 11, 2018 03:39PM UTC
  • How do i prevent cookie ID injections in the request parameter?

    I have a case where we recorded a bunch of URL's and re-scanning them. During the re-scan the session expired. So to create an active session i have created a session handling rule to trigger login and create a new Session ID which is updated in the cookie jar. I also used the 'use Cookie jar from Burp's cookie jar' to ensure the rest of the requests are using the valid Sessi...

    1 Agent Answer    0 Community Answer
    May 11, 2018 04:48AM UTC
  • Burp/run analytics

    I would like to know how to run analytics

    1 Agent Answer    0 Community Answer
    May 10, 2018 08:46PM UTC
  • Missing identification of SQL injection

    test

    0 Community Answer
    May 10, 2018 01:17PM UTC
  • Fuzz APIs ?

    Do burp is having any extension which can help in Pen test of APIs ? Like another tool API fuzzer ? along with Intruder what else can be used to do API pen test automatically ?

    1 Agent Answer    0 Community Answer
    May 10, 2018 12:04PM UTC
  • How to stop DOM Based Link Manipilation in struts2.5

    Hi, Could you please help me resoving issue of DOM Based Link Manipilation in struts2.5. Its saying whitelisting of URLs, which I have already done in web.xml, but still its not stopping URLs which are already available in project.

    1 Agent Answer    0 Community Answer
    May 10, 2018 09:40AM UTC
  • Not able to intercept specific HTTPS traffic

    Hello, I am not able to intercept the HTTPS traffic using burp. I have installed certificate. I able to intercept the https://www.google.com but not able to intercept one specific URL. When i set the proxy, URL main page itself is not loading.

    1 Agent Answer    0 Community Answer
    May 10, 2018 08:44AM UTC
  • client failed to negotiate an ssl connection burp

    hi guys i have installed burp ca in emulator and it is in user certificate option of phone but when i run any app it says "client failed to negotiate an ssl connection burp" what should i do ? thanks

    1 Agent Answer    0 Community Answer
    May 08, 2018 07:57AM UTC