Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Spider Problem

    Hello.Sometimes when I using Spider I logout in web application and return http response 500.I need to login again and start the spider.Can not this be automatic ?When ı'm logout web application and spider is login again ?

    1 Agent Answer    0 Community Answer
    Aug 15, 2018 12:48PM UTC
  • Restrict interception only on a particular app (Android)

    Hi there, I'm new with Burp and want to intercept http & https requests only from specific android apps for testing purposes. I configured burp suite community edition (v.1.7.36) for proxy usage (I add an proxy listener as described in the manual) and I configured my android device also as described in the manual (its a samsung galaxy s5 with android 6.0.1 SDK 23). I get a connection and...

    4 Agent Answers    4 Community Answers
    Aug 14, 2018 11:18AM UTC
  • Run Mobile Assistant on iOS 10.3.3

    I am attempting to run Mobile Assistant on a jailbroken iphone 5C running iOS 10.3.3. I can install the app using the instructions described in the support forums, but the app closes as soon as I open it. Other jailbroken apps work fine. Does the Mobile Assistant normally work on 10.3.3 and is there any troubleshooting that can be done?

    1 Agent Answer    0 Community Answer
    Aug 13, 2018 04:23PM UTC
  • Unable to connect to internet with 127.0.0.1 proxy

    Unable to connect to internet with 127.0.0.1 proxy

    1 Agent Answer    0 Community Answer
    Aug 13, 2018 12:10PM UTC
  • How do I sniff packets of a http game?

    I have a game, and I converted it’s commincation with the server from https to http so that the endpoint would be http instead. Now all the packets are decrypted and no longer protected. How do I sniff the game now, because a normal Http Proxy gives me errors such as in Alerts it shows: Certificate unknown, etc. I then install SSL certificate on my device but that is for https :/ I...

    2 Agent Answers    1 Community Answer
    Aug 12, 2018 04:58PM UTC
  • an error when install burp_infiltrator_java.jar on Linux

    when I try to install burp_infiltrator_java.jar on linux, a error encountered, I would to share it: Exception in thread "main" java.awt.AWTError: Can't connect to X11 window server using ':0' as the value of the DISPLAY variable. at sun.awt.X11GraphicsEnvironment.initDisplay(Native Method) at sun.awt.X11GraphicsEnvironment.access$200(X11GraphicsEnvironment.java:65) ...

    1 Agent Answer    0 Community Answer
    Aug 09, 2018 11:50AM UTC
  • Burp update HTTP header

    Hi, I'm wondering if there is a simple way to update the HTTP header. Basically when a specific request is made a new token is sent in the response. How can I take that value from the response and put it into the header for the following requests every say 5 requests. Thanks!

    1 Agent Answer    0 Community Answer
    Aug 08, 2018 07:03PM UTC
  • Static and Dynamic scan of .NET MVC web application coding in development environment

    Hi, I am planning to buy two licenses of Burp Professional. Does Burp professional license includes all the modules/functionalities including static/dynamic scanning of developers actual coding. If not what should I need to buy to get the dynamic/static scanning of developers coding. Currently we use F5 WAF, and it gives errors of unsafe coding. My plan is to use the Burp during development so ...

    1 Agent Answer    0 Community Answer
    Aug 08, 2018 05:44PM UTC
  • PLS HELP

    How do i use it pls send a video for understanding pls tell..... i have a latest laptop...SO PLS HELP....BY GIVING TRAINING

    1 Agent Answer    0 Community Answer
    Aug 05, 2018 09:47AM UTC
  • base64

    Hi, I want to use Intruder to fuzz param1 and param2 in a base64 encoded payload: Intercepted POST request body: data=cGFyYW0xPTEyMzsgcGFyYW0yPTQ1Ng== Decoding "data": param1=123; param2=456 I figured out how to decode it, but then I would need to define the payload positions (123 and 456) and then encode it back before sending to the application. How should I proceed? ...

    1 Agent Answer    0 Community Answer
    Aug 02, 2018 02:36PM UTC