Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • How do i delete the host from site map?

    I want to delete host from site map using REST API/Burp Extender. How to achieve this?

    1 Agent Answer    0 Community Answer
    Sep 27, 2018 10:49AM UTC
  • Need help with new Burp REST API

    How to initiate a scan with burp REST API for "Audit Selected Items". Now its allowing us to crawl and audit a site, but we need to audit specific items with payloads. Please help.

    1 Agent Answer    0 Community Answer
    Sep 24, 2018 05:50PM UTC
  • create payload rule to reject or bypass payloads with duplicate characters

    for example: I don't want burpsuite to try passwords like these: egraaaaa hidbbbbb hfkkkkkka ewsaaaas any word with duplicate letters more than 4 characters should be skipped. please help .

    1 Agent Answer    0 Community Answer
    Sep 24, 2018 03:17PM UTC
  • Burp 2 send base request

    I'm really excited about the REST API possibilities in BURP 2. This is a good start in using BURP in automation scenarios. What I really need now is to send an url to the /scan endpoint including a base request. It seems that now I can only send url's but this does not result in a qualitative result. Is it possible, like when I start a scan from the ' Target' tab, to include...

    1 Agent Answer    0 Community Answer
    Sep 21, 2018 02:50PM UTC
  • Reuse the URLs captured using intercept on one host to run active scan on other host

    Hi, I need to run active scans against a set of URLs on multiple hosts (of same application with minor application version differences, however, these URLs under test do not differ.) Is there a way that I can reuse the URLs that I captured on one host to run active scans on other hosts by changing the host name in URL and the Host in the base request that is intercepted? Is what is the way t...

    2 Agent Answers    2 Community Answers
    Sep 21, 2018 09:49AM UTC
  • Colorizing Repeater tabs

    Hi, would it be possible to colorize Repeater tabs? I just noticed a very nice colorization highlight in Proxy Intercepter (Burp 2), and it would be great to have the same for Repeater tabs:) Thanks

    1 Agent Answer    0 Community Answer
    Sep 21, 2018 08:55AM UTC
  • Match and Replace

    Hi There, I have this URL "curl -X POST "http://foo.example.org/abcd?User=abcd&HelloCode=1234" When I POST this url I want Burp to manipulate this url as like this "curl -X POST "http://foo.example.org/abcd?User=abcd&HelloCode=5678". Can anyone suggest how should I compose a "Match& Replace" filter??

    1 Agent Answer    0 Community Answer
    Sep 20, 2018 10:30PM UTC
  • Burp Suite certificate

    Hi, i have installed the burp Suite Professional version and i want to perform a security test on a web application using Firefox as browser. This web application is actually using https so i got this error:SEC_ERROR_INADEQUATE_KEY_USAGE . I have try to download the certificate of burp and to import it in my firefox but it doesn´t work. Firefox doesn´t recognize this certificate . this is...

    1 Agent Answer    0 Community Answer
    Sep 19, 2018 06:14AM UTC
  • Burp with Jenkin

    When I am trying to integrate my burp with Jenkins by Carbonator extension. I am using Pro license version . I have followed this https://www.we45.com/blog/automating-burp-with-jenkins link to make my burp work with Jenkins. As the burp headless command runs, In console of Jenkins I am getting license agreement message and at the end of the message it is asking for "Do you accept the lice...

    3 Agent Answers    2 Community Answers
    Sep 18, 2018 09:25AM UTC
  • Reporting on the evaluation version Burp Suite Enterprise Edition

    I'm current evaluating Burp Suite Enterprise Edition Version: 1.0.03beta-804 and I managed to perform the scan and see the results however I cannot find any reporting option. Is this available on the evaluation version?

    1 Agent Answer    0 Community Answer
    Sep 18, 2018 08:55AM UTC