Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Not connection (proxy)

    I'm working with VirtualBox, option "Network" - "Virtual adapter host" , because if I select other option nothing work. When I select the program (PORTSWIGGER) and change options (network) in browser - 127.0.0.1:8080 or 192.168.56.102:8080 (it's IP at Metasploitable ifconfig). I can't connected in the website (192.168.56.102/dvwa or 127.0.0.1/dvwa). Why not wor...

    2 Agent Answers    1 Community Answer
    Sep 03, 2018 05:19PM UTC
  • java.util.ConcurrentModificationException while automating

    Hi, I am trying to replay every requests in proxyhistory and modify headers and makeHTTPRequest and compare the requests. while I do this, I am getting this ConcurrentModification Exception error. I believe this happens when the iterator which I am running on proxyhistory moves to the next iteration before closing the previous one. I tried searching for a workaround on this and found people usual...

    1 Agent Answer    0 Community Answer
    Sep 03, 2018 01:07PM UTC
  • request

    Hi, i would like to know if it's possible using burp generate a list of usernames: i have a list of account id in this form: site.com/id=0001, in every account pages you can see the related username. Is possible to send the id list as a request and get the usernames list? Thanks

    1 Agent Answer    0 Community Answer
    Sep 03, 2018 10:20AM UTC
  • Burp Sequencer Help

    Getting a valid session id in My application actually require 2 requests. First one will get a temporary session id from server and second request will have the fetched session id along with credentials. If the same temp session id is submitted more than once, server rejects it. Please let me know how to analyse the session id (second request) strength in this case.

    1 Agent Answer    0 Community Answer
    Sep 03, 2018 10:06AM UTC
  • Logout after correct password

    - burp intruder - i would like to know if it's possible to make an account logout every time the intruder find a correct password. I have an account and password list, and every time one of the account password is correct looks like that stop checking the others because the account is already logged in. thanks

    1 Agent Answer    1 Community Answer
    Sep 02, 2018 08:52AM UTC
  • Android Mobile Application testing CA Certification issue

    Hi, I am trying to test a mobile banking application with my android device (5.1.1) and burpsuit 2.0.03beta. 1.) initially what I did was, install Burp CA certification WITHOUT rooting the device. certificate installed under USER in trusted credentials. all the HTTPS traffic can intercept via browser but, mobile banking app gave me an error called "insecured connection detected"...

    1 Agent Answer    0 Community Answer
    Sep 02, 2018 06:10AM UTC
  • Logon to a website behind an Incapsula firewall

    Hello I am testing a website behind an Incapsula firewall. I can login to the website if I am not accessing it through Burp Proxy. If I try to logon through Burp (i.e. I enter the userid and password in the logon form and submit), the site responds with an HTTP 401 error code and prompts for a host-based logon. I have disabled Burp Collaborator and the Collaborator extension, since these were ...

    1 Agent Answer    0 Community Answer
    Sep 01, 2018 12:00AM UTC
  • Regarding REST API and Community Edition

    Hello Support, If we upgrade to Burp Suite Professional 2.0 will we be able to access REST APIs or do we need to pay for that service. Also what is the difference between Professional and community Edition apart from allowing multiple users to scan applications. Also what is the price of Community Edition license.

    1 Agent Answer    0 Community Answer
    Aug 30, 2018 01:10PM UTC
  • How much time would it take for a normal website?

    Hi, I am scanning a wordpress website and was wondering how much time it is taking. The reason why i ask is it takes forever ( maybe that is normal ) and always at a certain point it will give e error and says abandoned to many errors. So how much time would be normal and what to do about to many abandoned erros?

    1 Agent Answer    0 Community Answer
    Aug 29, 2018 08:50AM UTC
  • Firewall gets activated when scanning

    Hi, When am scanning one of my websites everytime my firewall gets activated. I know i can ask my hosting support to disable the firewall but is there an other way. What helped before is when i change my vpn's ip but are there things i can adjust in the settings too? With kind regards, Remco

    1 Agent Answer    0 Community Answer
    Aug 29, 2018 08:00AM UTC